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Abstract. We present some new and recent algorithmic results concerning 
polynomial system solving over various rings. In particular, we present some 
of the best recent bounds on: 

(a) the complexity of calculating the complex dimension of an algebraic set 

(b) the height of the zero-dimensional part of an algebraic set over C 

(c) the number of connected components of a semi-algebraic set 

We also present some results which significantly lower the complexity of de- 
ciding the emptiness of hypersurface intersections over C and Q, given the 
truth of the Generalized Riemann Hypothesis. Furthermore, we state some re- 
cent progress on the decidability of the prefixes 3V3 and 33V3, quantified over 
the positive integers. As an application, we conclude with a result connect- 
ing Hilbert's Tenth Problem in three variables and height bounds for integral 
points on algebraic curves. 

This paper is based on three lectures presented at the conference corre- 
sponding to this proceedings volume. The titles of the lectures were "Some 
Speed-Ups in Computational Algebraic Geometry," "Diophantinc Problems 
Nearly in the Polynomial Hierarchy," and "Curves, Surfaces, and the Frontier 
to Undecidability." 
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1. Introduction 

This paper presents an assortment of algorithmic and combinatorial results 
that the author hopes is useful to experts in arithmetic geometry and diophantine 
complexity. While the selection of results may appear somewhat eclectic, there 
is an underlying motivation: determining the boundary to tractability for polyno- 
mial equation solving in various settings. The notion of tractability here will mean 
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membership in a particular well-known complexity class depending on the under- 
lying ring and input encoding. As an example of this principle, we point out that 
our brief tour culminates with a result giving evidence for the following assertion: 
The recursive unsolvability of deciding the existence of integral roots for multivari- 
ate polynomials begins with polynomials in three variables. The sharpest current 
threshold is still nine variables (for positive integral roots) [ Jon82[ .p] 

Our main results will first be separated into the underlying ring of interest, here 
either C, R, Q, or Z. Within each group of results, we will warm up with a non- 
trivial result involving univariate polynomials. All necessary proofs are elaborated 
in section @, and our main underlying computational models will either be the 



classical Turing machine [Pap95 or the BSS machine over C [BCSS98| 



The two aforementioned references are excellent sources for further complexity- 
theoretic background, but we will only require a minimal acquaintance with these 
computational models. 

Before embarking on the full technical statements of our main theorems, let us 
see some concrete examples to whet the readers appetite, and further ground the 
definitions we will later require. 



1.1. A Sparse 3x3 Polynomial System. The solution of sparse polyno- 
mial systems is a problem with numerous applications outside, as well as inside, 
mathematics. The analysis of chemi cal react ions | GH99 and the computation of 
equilibria in game-theoretic models |MM95| are but two diverse examples. 

More concretely, consider the following system of 3 polynomial equations in 3 
variables: 



(1) 



144 + 2x- 3y 2 + x 7 y 8 z 9 = 
-51 + bx 2 - 27z + x 9 y 7 z 8 = 



7 -6x + 8x*y 9 z 7 - 12x s y s z 



0. 



Let us see if the system ([[J) has any complex roots and, if so, count how many 
there are. Any terminology or results applied here will be clarified further in section 



Note that the total degre ep| of eac h polynomial above is 24. By an 18— century 
theorem of Etienne Bezout | Sha94 |, we can bound from above the number of 
complex roots of ([!]), assuming this number is finite, by 24-24-24 = 13824. 
However, a more precise 20— century bound can be obtained by paying closer 
attention to the monomial term structure of f|l| ): Considering the convex hull 
of[] the exponent vectors of each equation in (jjj), one obtains three tetrahedra. 



V 



1 James P. Jones, the author of [ Jon82|, attributes the nine variables result to Matiyasevich. 

2 The total degree of a polynomial is just the maximum of the sum of the exponents in any 
monomial term of the polynomial. 

3 i.e., smallest convex set in M 3 containing... 
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These are the Newton polytopes of ([!]), and their mixed volume, by 



a 



beautiful theorem of David N. Bernshtein from the 1970's [Ber75 , turns out to be 
a much better upper bound on the number of complex roots (assuming there are 
only finitely many). For our polynomial system (1), this bound is^ 145. 

Now to decide whether (Ty) has any complex roots, we can attempt to find a 
univariate polynomial whose roots are some simple function of the roots of (fy). 
Elimination theory allows one to do this, and a particularly effective combi- 
natorial algorithm is given in theorem ^ of section |[ For example, the roots of 

P(u) := 268435456u 145 - 138160373760u 137 - 30953963520« 130 + 3446308601856m 129 - 25165824000u 123 
-26293995307008u 122 - 1694282972921856u 121 + 323419618934784ti 120 - 6995155353600u 115 
+87379566133248u 114 + 10198949486395392u 113 - 166099501774798848u 112 - 112538419200u 108 
-82834929745920u 107 - 324798104395579392it 106 - 4419977097552592896-ti 105 + 589824000000u 101 
-35724722176000u 100 + 8364740005330944u" + 4439548695657775104u 98 - 26917017845238005760u 97 
+37910937600000u 93 + 51523633570381824m 92 - 1791672886920019968-ti 91 - 848160250027183521792u 90 
+616996999355281440768it 89 - 664995358310400it 85 + 1524560547831644160u 84 + 745863497970172674048m 83 
+17539603347891497287680u 82 + 994210006214153207808u 81 + 12899450880000m 78 - 47322888233287680u 77 
+33981667956844904448-U 76 - 4986502987101813633024u 75 + 119063825168001672019968u 74 
+31576057329392164012032u 73 + 751796121600000u 70 - 9866721074229006336u 69 
+ 1882463818496535244800u 68 + 3052871408440654112816640u 67 + 380423482789919103664128u 66 
+34866943014558674976768u 65 + 279569449114214400ti 62 - 302173847078728854528u 61 
-534702070464812022223872u 60 - 14973258769647086979053568tt 59 + 4994218012036588712165376u 58 
-2021795433676800u 55 + 8296585706519424000u 54 + 25005465159580886376960u 53 - 3783799262749190677321536m 
+35916388899232830509942784u 51 + 6316741393466865886715904u 50 - 61674073526016000u 47 
-554525302200721744896U 46 + 812163230435877273319104u 45 - 2947435596503653060289376000 u 44 
-141780781258618244980543488U 43 + 6318299549796897024u 39 - 41096279946826872821088ti 38 
+294236770231877581913540688u 37 + 326253143719924635239730432u 36 - 8845750586564412369214464u 35 
-29428437386188800u 32 + 886156671237883112160u 31 - 12033942692990286448093392u 30 ■•■ 
-21345681203414534849440320-ti 29 + 176061998413186705562222592-ti 28 - 8770384173478164480u 24 
+258178048486605790963020ti 23 + 482019749452059431164020u 22 - 11741024693522572606851840u 21 
+32803667644608000u 17 - 3065470746100512257520u 16 - 4365124819437330950400u 15 
+272459282567626190070720u 14 + 19102328814885854400u 9 + 12645306845858008350u 8 
-2606594221714946338575u 7 - 48803823903916800u 2 + 8681150210659989300 

are exactly those numbers of the form a/37, where (a, (3, 7) ranges over all the roots 
of ([!]) in C 3 . The above univariate reduction, thus tells us that our example 
indeed has finitely many complex roots — exactlyu 145, in fact. The above polyno- 
mial took less than 13 seconds to compute using a naive application of resultants 
and factorization on the computer algebra system Maple. Interestingly, computing 
the same univariate reduction via a naive application of Grobner bases (on the 
same machine with the same version of Maple) takes over 3 hours and 51 minutes.u 
Admittedly, computing polynomials like the one above can be an unwieldy 
approach to deciding whether (1) has a complex root. An alternative algorithm, 



discovered by Pascal Koiran in [Koi96] and improved via theorem |f| of section |2| 
here, makes a remarkable simplification depending on conjectural properties of the 
distribution of prime ideals in number fields. 

For instance, an unoptimizcd implementation of this alternative algorithm 
would run as follows on our example: 



4 Please see the Appendix for further details on the theory and implementation behind our 
examples. 
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Assumption 1 The truth of the Generalized^] Riemann Hypothesis (GRH). 

Assumption 2 Access to an oracle[] which can do the following: Given a finite set of 
polynomials F cZ[x, y,z] and a finite subset ScN, our oracle can decide if 
there is a prime p € S such that the mod p reduction of F has a root mod 
in Z/pZ. 

Step 1 Pick a (uniformly distributed) random integer te {5 TO 6 ,.-- , 5-10 6 +2-10 n }. 

Step 2 Using our oracle, decide if there is a prime p€ {2 • 10 22 • t 3 , . . . , 2 • 10 22 ■ (t + 1) 
such that the mod p reduction of (Q) has a root in Z/pZ. If so, declare that 
(|l|) has a complex root. Otherwise, declare that (]!]) has no complex root. ■ 

The choice of the constants above, and the importance of oracle-based algo- 
rithms, are detailed further in section ||. In particular, the constants are simply 
chosen to be large enough to guarantee that, under GRH, the algorithm never fails 
(resp. fails with probability < |) if (|l|) has a complex root (resp. does not have a 
complex root). Thus, for our example, the algorithm above will always give the 
right answer regardless of the random choice in Step 1. Note also that while the 
prime we seek above may be quite large, the number of digits needed to write any 
such prime is at most 56 — not much bigger than 53, which is the total number of 
digits needed to write down the coefficients and exponent vectors of ([!]). We will 
explain the complexity-theoretic relevance of this fact in section || as well. For the 
sake of completeness, we observes that the number of real roots of (1) is exactly 
11. While we will not pursue the complexity of real root counting at length in 
this paper, we will quantitatively explore a more general problem over the reals. 
Another example follows. 

1.2. A Family of Polynomial Inequalities. In theorem |l0| of section 0, we 
present a new bound on the number of connected components of the solution set 
of any collection of polynomial inequalities over the real numbers. Bounds of this 
type have many applications — for example, lower bounds in complexity theory 
|DL79| , ^Y82| and geometric modelling. 



As a simple example, let S a ,b(d, n, p, s) C K™ be the solution set of the following 
collection of p equalities and s inequalities: 

(n-l \ d 

^2 a (t,i) x i J + ^2 b (t,i)( XlX2 " ' Xn Y = °! i^{l,...,p} 
1=1 / 8=1 

(n-1 \ d 

^2 a ( P +i,i) x i j +^2b {p+eyl) (x 1 x 2 ---x n y > 0; ie{l,...,s} 
1=1 / i=l 

for any d, n,p, sSN and real auj) and bujy 

By a bound proved independently by three sets of authors between the 1940's 
and the 1960's ]OP49 , Mil64, Tho65|, we immediately obtain that S aj b(d, n,p, s) 



has at most (dns + l)(2dns + 1)™ connected components. 

However, a much sharper bound can be obtained by again looking more closely 
at the monomial term structure involved: Let Qp be the convex hull of the union of 



5 The Riemann Hypothesis (R.H) is an 1859 conjecture equivalent to a sharp quantitative 
statement on the distribution of primes. GRH can be phrased as a generalization of this statement 
1 o prime ideals in an arbitrary number field. Further background on these RH's can be found in 
[ LQ77| , [BS96| ]. 



, a machine, or powerful being, which can always instancously and corre ctly answ er such 



questions. The particular oracle we specify above happens to be an NP-oracle |Pap95 
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the origin O, the standard basis vectors e\,.. . ,e„ of W 1 , and the set of exponent 
vectors from all the polynomials of (||). (In this case, Qf happens to be a bipyra- 
mid with one apex at O and the other at (d, . . . ,d).) Normalizing n-dimensional 
volume, VoLj(-), so that the volume of the n-simplex with vertices {O, e±, . . . , e„} 
is 1, let V F := Vol„(Q F ). Theorem |l| then says that min{n + 1, ^}(2s) n V F = 
min{n+l,f^i}(2s) n (d+l) is also an upper bound on the number of connected 
components. 

We have thus improved the older bound by a factor of over s(dn) n (modulo 
a nonzero multiplicative constant), for this family of semi-algebraicj] sets. A 
broader comparison of our bound to earlier work appears in section |3.l| . 

Let us now fully state our results over C, R, Q, and Z. 



2. Computing Complex Dimension Faster 

Let fx,... , f m € C[xi, . . . , x n ], F := (/i, . . . , f m ), and let HN C denote the 
problem of deciding whether an input F has a complex root.0 Also let HN denote 
the restriction of this problem to polynomials in Z[xi, . . . , x n \. We will respectively 
consider the complexity of HN and HNc over the Turing-machine model and the 
BSS model over C. 

However, before stating any complexity bounds, let us first clarify our notion 
of input size: With the Turing model, we will assume that any input polynomial 
is given as a sum of monomial terms, with all coefficients and exponents written 
in, say, base 2. The corresponding notion of sparse size is then simply the total 
number of bits in all coefficients and exponents. For example, the sparse size of 
xf + ax\ + b is C(log D + log a + log b) . The sparse size can be extended to the BSS 
model over C simply by counting just the total number of bits necessary to write 
down the exponents (thus ignoring the size of the coefficients) . 

Note that the number of complex roots of the polynomial x® — 1 is already 
exponential in its sparse size. This behavior is compounded for higher-dimensional 
polynomial systems, and even affects decision problems as well as enumerative 
problems. For example, consider the following theorem. 



Theorem 1. [Pla84] HN is NP-/iard, even in the special case of two polyno- 
mial in one variable. More precisely, if one can decide whether an arbitrary input 
polynomial /gZ[xi] of degree D vanishes at a D— root of unity, within a number 
of bit operations polynomial in the sparse size of f , then P = NP. ■ 

So even for systems such as f(x\) = x® — 1 = 0, HN may be impossible to solve 
within bit complexity polynomial in log_D and the sparse size of /. An analogue of 
this result for HNc (theorem [sj) appears in the next section. 

On the other hand, via the classical Sylvester resultant ]GKZ94 , Ch. 12] and 



some basic complexity estimates on arithmetic operations [BCS97|, it is easy to 



see that this special case of HN can be decided within a number of bit operations 



' A semi-algebraic set is simply a subset of R n defined by the solutions of a finite collection 
of polynomial inequalities. 

8 We say that F is feasible (resp. infeasible) over C iff F has (resp. does not have) a root 
in C n . 
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quadratic in D and the sparse size of /. In complete generality, it is known that 
HNePSPACE — an important subclass of EXPTIME }Koi97| .f| 

Alternatively, if one simply counts arithmetic operations (without regard for 
the size of the intermediate numbers), one can similarly obtain an arithmetic 
complexity upper bound of 0(D 2 ) for the special case of HNc corresponding to 
the univariate problem mentioned in theorem [l]. More generally, it is known that 
HN C is NP c -complete[] ]BSS89| , |Shu93| ]. 

Curiously, efficient randomization-free algorithms for HN and HNc are 
hard to find in the literature. So we present such an algorithm, with an explicit 
complexity bound, for a problem including HNc as a special case. 

THEOREM 2. Let Zp be the zero set of F in C™ and dim Zp the complex di- 
mension of Zp. Also let O be the origin, and e\, . . . ,e n the standard basis vectors, 
mR n . Normalize n-dimensional volume Vol„(-) so that the volume of the standard 
n-simplex (with vertices O, e±, ... ,e n ) is 1. Finally, let k be the total number of 
monomial terms in F ( counting repetitions between distinct fi ) and let Qp be the 
convex hull of the union of {O, ei, . . . , e„} and the set of all exponent vectors of 
F. Then there is a deterministic^^ algorithm which computes dim Zp, and thus 
solves HNc, within 0(n 4 kMp 37e Vp + nk\og(m + n)) arithmetic operations, where 
Vp := Vol„(Qp) and Mp is no larger than the maximum number of lattice points 
in any translate of (n + \)Q p . 

Via a height^ estimate from theorem ^ later in this section one can also derive a 
similar bound on the bit complexity of HN. We clarify the benefits of our result 
over earlier bounds in sectio n | 2.1| . The algorithm for theorem |^, and its correctness 
proof, are stated in section p.l| . The techniques involved will also be revisited in 
our discussion of quantifier prefixes over Z in section [|. 

There is, however, a fundamentally different approach which, given the truth of 
GRH, places HN in an even better complexity class. First recall that randomized 

and for 



< 



decision algorithms which answer incorrectly with probability, say, _ ., . 
which the number of bit operations and random bits needed is always polynomial 
in the input size, define the complexity class BPP.0 Recall also that when a BPP 
algorithm is augmented by an oracle in NP, and the number of oracle-destined bits 
is always polynomial in the input size, one obtains the class BPP NP . Finally, when 
just one oracle call is allow ed in a BPP NP algorithm, one obtains the Arthur- 
Merlin class AM jZac86]. 



Theorem 3. [Koi96 Assuming the truth of GRH. HNe AM. 



9 While PSPACE has important relations to parall el algori thms (i.e., algorithms where sev- 
eral operations are executed at once by several processors [Pap95]), we will concentrate exclusively 



on sequential (i.e., non-parallel) algorithms in this paper. 

10 This is the analogue of NP-complete for the BSS model over C [BCSS98] 



i.e., randomization-free 
12 The (absolute multiplicative) height of an algebraic number £ is an important number- 
theoretic invariant related to the minimal polynomial of C, over 7L. Height bounds are also inti- 
mately related to more pedestrian quantities like the maximum absolute value of a coordinate 
of an isolated root of a polynomial system, so we use the term "hei ght" in t his collec t ive sense . 



Further details on heights, and their extension to C", can be found in }5il95b| , [MalOOb| , |KPSOO| . 

13 We emphasize that such algorithms can give different answers when run many times on 
the same input. However, by accepting the most popular answer of a large sample, the error 
probability can be made arbitrarily small. 
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While probabilistic algorithms for HN (and more general problems) have certainly 
existed at least since the early 1980's, the above theorem is the first and only exam- 
ple of an algorithm for HN requiring a number of bit operations just polynomial 
in the input size, albeit modulo two strong assumptions. 

In view of the vast literature on GRH from both number theory and theoretical 
computer science, the study of algorithms depending on GRH is not unreasonable. 
For example, the truth of GRH implies a polynomial-time algorithm for deciding 
whether an input integer is prime [ Mil76[ . Likewise, in view of the continuing 



open status of the P = NP question, oracle-based results are well-accepted within 
theoretical computer science.^] In particular, Koiran's conditional result gives the 
smallest complexity class known to contain HN. Indeed, independent of GRH, 
while it is known that NP C AM C PSPACE ]Pap95| ], the properness of each 
inclusion is still an open problem. 

The simplest summary of Koiran's algorithm is that it uses reduction modulo 
specially selected primes to decide feasibility over C. (His algorithm is unique in 
this respect since all previous algorithms for HN worked primarily in the ring 
C[xi, . . . ,x n ]/(F).) The key observation behind Koiran's algorithm is that an F 
infeasible (resp. feasible) over C will have roots in Z/pZ for only finitely many (resp. 
a positive density of) primes p. 

A refined characterization of the difference between positive and zero density 
can be given in terms of our framework as follows: 

Theorem 4. Following the notation above, assume now that fi, ■ . ■ , f m S Z[xi , . 
feipl o~{F) be the maximum o/log |c| as c ranges over the coefficients of all the mono- 
mial terms of F, and let D be the maximum total degree of any ft. Then there exist 
aF-, Ap GN, with the following properties: 

(a) F infeasible over C =>■ the reduction of F mod p has a root in li/pL for at 
most ap distinct primes p, and ap = 0{n 3 DVp{A n D log D + <j(F) + logm)). 

(b) Given the truth of GRH, F feasible over C =>■ for each t > 4963041, the 
sequence {Apt 3 , . . . ,Ap(t + l) 3 — 1} contains a prime p such that the re- 
duction of F mod p has a root in TLjpTL. Furthermore, we can take Ap = 
O (\Vf <r(hp)(n log D + logcr(-F'))] 2 ), where hp is the polynomial defined in 
theorem |^ below. 

In particular, the bit-sizes of of and Ap are both 0(nlogD + loga(F)) — sub- 
quadratic in the sparse size of F. Simple explicit formulae for ap and Ap appear 



in remarks uJA and \Ut of section 6.1 



Via theorem ||, Koiran's algorithm for HN can be paraphrased as follows:^ 
Assumption 1 The truth of GRH. 
Assumption 2 Access to an NP-oracle. 

Step 1 Pick a (uniformly distributed) random integer t£ {4963041, . . . , 4963041 + 3ap}. 
Step 2 Using our oracle, decide if there is a prime pG {Apt 3 , . . . , Ap(t + l) 3 — 1} 
such that F has a root mod p. If so, declare that F has a complex root. 
Otherwise, declare that F has no complex root. ■ 



14 It turns o ut that P = NP also implies the existence of a polynomial-time algorithm for 
primality testing [ |Pra75| . 



15 We point out that in Koi96 , the notation cr(F) was instead used for a different quantity 
akin to 2 + mD. 

16 We point out that, to the best of the author's knowledge, this is the first time that the 
constants underlying Koiran's algorithm have been made explicit. 
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In particular, it follows immediately from theorem ^| that the algorithm above is 
indeed an AM algorithm, and that the error probability is < |. Better still, the 
error probability can be replaced by an arbitrarily small constant e (keeping the 
same asymptotic complexity), simply by replacing 3a p by ^ap in Step 1 above. 

The proof of theorem [| is based in part on a particularly effective form of 
univariate reduction. 

Theorem 5. Following the notation above, and the assumptions of theorem^, 
there exist a univariate polynomial hp G Z[uo] cmd a point up := (u\, . . . , u n ) S Z n 
with the following properties: 

0. The degree of hp is <Vp. 

1. For any irreducible component W of Zp, there is a point (£i, ■ ■ • , Cn) G W 
such that uiCi +••• + u n £ n * s a ro °t of hp. Conversely, if m<n, all roots 
of hp arise this way. 

2. F has only finitely many complex roots =>■ the splitting field of hp over Q 
is exactly the field Q[xi \ (xi,... ,x n )€<C n is a root of F]. 

3. The coefficients of hp satisfy a(hp) — (Mp[a(F) + m(n\ogD + logm)] + n 2 Vp log D) 
and, when m<n, a(hp) = 0(Mpa(F) + n 2 Vp\ogD). 

4. m<n =>• the deterministic arithmetic complexity of computing up, and all 
the coefficients of hp, is 0(n 3 M F 376 V^). 

5. We have log(l + \u,\) = 0(n 2 logD) for all i. 

Note that we have thus obtained the existence of points of bounded height on the 
positive-dimensional part of Zp , as well as a bound on the height of any point in 
the zero-dimensional part of Zp. Put more simply, via a slight variation of the 
proof of theorem [s], we obtain the following useful bound: 

Theorem 6. Following the notation of theorem any irreducible component 
W of Zp contains a point (x\, . . . , x n ) such that for all i, either Xi = or 
| log |ar*|| =0 (Mp[o~(F) + m(n logD + logm)]). Furthermore, whenm<n, the last 
upper bound can be improved to O(Mp0~(F)). ■ 

Our final result over C is a refinement of theorem |B| which will help simplify 
the proofs of our results in section [5] on integral points. 

Theorem 7. [Roj99c] Following the notation of theorem^, one can pick up 



and hp (still satisfying (0)-(5)) so that there exist a\,... ,a„GN and hi, ... ,h n E 
Z[«o] with the following properties: 

6. The degrees of hi,... ,h n are all bounded above by Vp. 

7. For any root 6 = UiCi + • • • + u n ( n of hp, =Q for all i. 

8. For all i, both loga^ and o~(hi) are bounded above by 0(VpO~(hp)). 

9. m < n =>■ the deterministic arithmetic complexity of computing all the 
coefficients of hi, ... ,h n is 0(n 4 Mp 376 V^). 

Explicit formulae for all these asymp toti c estimates, as well as their proofs, 
appear in remarks ^, [l(], and [Tl| of section 6.1. However, let us first compare these 
quantitative results to earlier work. 

2.1. Related Results Over C. Solving HNc too quickly also leads to un- 
expected collapses of complexity classes as follows. 

Theorem 8. Suppose there is an algorithm (on a BSS machine over C) which 
decides whether an arbitrary input polynomial f € C[xi] of degree D vanishes at 
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a D— root of unity, within a number of arithmetic operations polynomial in the 
sparse size of f . Then NPCBPP. ■ 



This result is originally due to Steve Smale and a proof appears in [RojOOb]. It is 
currently believed that the inclusion NP C BPP is quite unlikely. 

Curiously, finding (as opposed to deciding the existence of) roots for even a 
seemingly innocent univariate polynomial can lead to undecidability in the BSS 
model over C: 

Theorem 9. Determining whether an arbitrary xq€C converges to a root of 
x 3 — 2x + 2 = under Newton's method is undecidable, relative to the BSS model 
over C. I 



This result follows ea sily via a dynamics result of Barna Bar56|| and the proof 



appears in [BCSS98. Sec. 2.4]. One should of course note that this result in no 
way prevents one from finding some xq which converges to a root of x 3 — 2x + 2. 
So this result is a more a reflection of the subtlety of dynamics than the limits of 
the BSS model. 

As for the other results of section [|, we point out that we have tried to balance 
generality, sharpness, and ease of proof in our bounds. In particular, our bounds 
fill a lacuna in the literature where earlier bounds seemed to sacrifice generality for 
sharpness, or vice-versa. 

To clarify this trade-off, first note that Xp < Vp < D n , where lp is the number 
of irreducible components of Zp. (The first inequality follows immediately from 
theorem ^, while the second follows from the observation that Qp always lies in 
a copy of the standard n-simplex scaled by a factor of D.) So depending on the 
shape of Qp, and thus somewhat on the sparsity of F, one can typically expect Vp 
to be much smaller than D n . For example, our 3x3 system from section 



1.1 



gives 



D n = 13824 and Vp = 243. Setting p = n and s = in the example from section pL.2| 
it is easy to see that the factor of improvement can even reach D n , if not m ore. 
As for the quantities k and Mp, we will see in lemma [l] of section |6.1.l| that 
fnD + l\ 

k<m(VF + n) and Mp< I J =0(e n (nD + l) n ). Furthermore, just as Vp is a 

much more desirable complexity measure than D n , we point out that the preceding 
bound on Mp is frequently overly pessimistic: for example, Mp — 0{Vp) for fixed 



n. The true definition of Mp appears in section 6.1.1. 

Our algorithm for computing dim Zp thus gives the first deterministic com- 
plexity bound which is polynomial in Vp and Mp. In particular, while harder 
problems were already known to admit PSPACE complexity bounds, the corre- 
sponding complexity bounds were either polynomial (or worse) in D n , or stated in 
terms of a non-uniform computational model.|^| Our algorithm for the computation 
of dim Zp thus gives a significant speed-up over earlier work. 

For example, via the work of Chistov and Grigoriev from the early 1980's 



on quantifier elimination over C [CG84|, it is not hard to derive a deterministic 

4 

arithmeti c compl exity bound of 0((mD) n ) for the computation of dimZ. More 
recently, |GH93 gave a randomized arithmetic complexity bound of mP^ D°( n \ 
Theorem [2| thus clearly improves the former bound. Comparison with the latter 

17 For example, some algorithms in the literature are stated in terms of arithmetic net- 
works, where the construction of the underlying network is not included in the complexity 
estimate. 
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bound is a bit more difficult since the exponential constants and derandomization 



complexity are not explicit in |GH93 



As for faster algorithms, one can seek complexity bounds which are polynomial 
in even smaller quantities. For example, if one has an irreducible algebraic variety 
V C C™ of complex dimension d, one can define its afflne geometric degree, 
S(V), to be the number of points in V D H where H is a generic (n — d)-flat.[^] 
More generally, we can define S(Zp) to be the sum of S(V) as V ranges over all 
irreducible components of Zp. It then follows (from theorem ^| and a consideration 
of intersection multiplicities) that Tp<b(Zp)<Vp. Similarly, one can attempt to 
use mixed volumes of several polytopes (instead of a single polytope volume) to 
lower our bounds. 

We have avoided refinements of this nature for the sake of simplicity. Another 
reason it is convenient to have bounds in terms of Vp is that the computation 
of S(Zp) is even more subtle than the computation of polytopal n-volume. For 
example, when n is fixed, Vol n (Q) can be computed in polynomial time simply 
by triangula ting the polytope Q and adding together the volumes of the resulting 
n-simplices | GK94 |. However, merely deciding 8(Zp) > is already NP-hard for 
(m, n) — (2,1), via theorem @. As for varying n, computing 8(Zp) is #P-hard, 
while the co mputatio n of poly tope volumes is #P-complete.0 (The latter result 
is covered in |GK94 , KLS97| , while the former result follows immediately from 
the fact that the computation of S(Zp) includes the computation of Vp as a special 
case.) More practically, for any fixed £1,62 > 0, there is an algorithm which runs 
in time polynomial in the sparse encoding of F (and thus polynomial in n) which 
produces a random variable that is within a factor of 1 — e% of Vol n (Qp) with 
probability 1 — £2 [KLS97|. The analogous result for mixed volume is known only 
for certain families of polytopes ]GS00 , and the existence of such a result for S(Zp) 
is still an open problem. 

In any event, we point out that improvements in terms of S(Zp) for our bounds 
are possible, and these will be pursued in a forthcoming paper. Similarly, the 
exponents in our complexity bounds can be considerably lowered if randomization 
is allowed. Furthermore, Lecerf has recently announced a randomized arithmetic 
complexity bound for computing dim Zp which is polynomial in maxi{5(Ztf 1 /;))} 
LecOC |.p| However, the complexity of derandomizing Lecerf 's algorithm is not yet 



clear. 



As for our result on prime densities (theorem ||), part (a) presents the best 
current bound polynomial in Vp and Mp. An earlier density bound, polynomial in 



D n instead, appeared in Koi96 . 

Part ( b) of th eorem || appears to be new, and makes explicit an allusion of 
Koiran in [ Koi96 1 . 

Remark 1. We point out that we cheated slightly in our refinement of Koiran 's 
algorithm: We did not take the complexity of computing Vp into account. (It is easy 
to see that this is what dominates the randomized bit complexity of the algorithm.) 
This can be corrected, and perhaps the simplest way is to replace every occurence 



. sections ^ and 5.2.3 



18 We explain the term "generic" in i 

19 # P is the analogue of NP for enumerative problems (as opposed to decision problems) 



[ Pap95 

20 The paper Lec00| actually solves the harder problem of computing an algebraic descrip- 
tion of a non-empty set of points in every irreducible component of Zp , and distinguishing which 
component each set belongs to. 
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of Vf with D n in our bounds for Mp, of, and Ap. Alternatively, if one want to 
preserve polynomiality in Vf, one can instead apply the polynomial-time randomized 
approximation techniques of [KLS97] to Vf, and make a minor adjustment to the 
error probabilities. I 

Remark 2. Pascal Koiran has also given an AM algorithm (again depending 
on GRH) for deciding whether the complex dimension of an algebraic set is less 



than some input constant [Koi97 . 



Regarding our height bound, the only other res ults state d in polytopal terms 
are an earlier version of theor em || announced in [ Roj99b| , and independently 
disco vered bou nds in flKPSOOj Prop. 2.11] and flMaiOoj , Cor. 8.2.3]. The bound 



from | KPSOO | applies to a slightly different problem, but implies (by intersecting 
with a generic linear subspace with reasonably bounded coefficients)^] a bound 
of 0((4 n Dlogn + na(F))Vp) for our setting. Further more, by examining a key 
ingredient in their proof (Proposition 1.7 from | KPSOO ), their bound can actually 
be improved to 0(DMplogn + uVfo-(F)). The last bound is thus close to ours, 
and can be better when m and o~(F) are large and n is small. The bound from 
MaiOO , Cor. 8.2.3] uses Arakelov intersection theory, holds only for m — n, and 
the statement is more intricate (involving a sum of several mixed volumes) . So it is 



not yet clear when [MaiOC, Cor. 8.2.3] is better than theorem 0. In any case, our 
result has a considerably simpler proof than either of these two alternative bounds: 
We use only resultants and elementary linear algebra and factoring estimates. 

We also point out that the only earlier bounds which may be competitive with 
theorems | and |, [ |KPSOO| , Prop. 2.11], and lMaiOC| , Cor. 8.2.3] are polynomial 
in e n (nD + 1)™ and make various non-degeneracy hypothesis, e.g., m = n and no 
singularities for Zp (see [ Can87[ and |MalOOa , Thm. 5]). As for bounds with 
greater generality, the results of [ FGM90{ imply a height bound for general quan- 
tifier elimination which, unfortunately, ha s a facto r of the form 2(™ 1 °s- D )° < ' where 
r is the number of quantifier alternations | Koi96 



As for theorem |, the approach of rational univariate representations (RUR) 
for the roots of polynomial systems dates back to Kronecker. RUR also goes under 
the name of "effective primitive element theorem" and important precursors to 
theorem 0, with respective complexity bounds polynomial in e n (nD + 1)" and 
D n , are stated in | Can88| an d | Koi96 } Thm. 4]. Nevertheless, the use of 
toric resultants (cf. section 6T), which form the core of our algori thms her e, 
was not studied in the context of RUR until the late 1990's (see, e.g., [Roj99c]). 
In particular, theorem |^ appears to be the first statement giving bounds on a(hi) 
which are polynomial in Vf- As for computing h,hi,... ,h n faster, an algorithm for 
RUR with randomized complexity polynomial in ma,Xi{S(Z^f 1 ,...,£))} was derived 
in |GLS99 ], However, their algorithm makes various nondegeneracy assumptions 
(such as m = n and that F form a complete intersection) and the derandomization 
complexity is not stated. 

The remaining bottle-neck in improving our complexity and height bounds 
stems from the exponentiality in n present in the quantity Mp- However, the 
resulting exponential factor, which is currently known to be at worst 0(e") (cf. 
lemma [l]of section 6.1.1), can be reduced to 0(n) in certain cases. In general, this 
can be done whenever there exists an expression for a particular toric resultant (cf. 



Martin Sombra pointed this out in an e-mail to the author. 
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section |6.l[ ) as a single determinant, or the divisor of a determinant, of a matrix of 
size O(nVp). The existence of such formulae has been proven in various cases, e.g., 



when all the Newton polytopes are axis-parallel parallelepipeds [ WZ94]. Also, such 



formulae have been observed (and constructed) experimentally in various additional 



cases of practical interest [EC93|. Finding compact formulae for resultants is an 
area of active research which thus has deep implications for the complexity of 
algebraic geometry. 

Finally, we note that we have avoided Grobner basis techniques because there 
are currently no known complexity or height bounds polynomial in Vp (or even 
Mp) using Grobner bases for the problems we consider. A further complication 
is that there are examples of ideals, generated by polynomials of degree < 5 in 



0(n) variables, where every Grobner basis has a generator of degree 2 [MM82|. 
This is one obstruction to deriving sharp explicit complexity bounds via a naive 
application of Grobner bases. Nevertheless, we point out that Grobner bases are 
well-suited for other difficult algebraic problems, and their complexity is also an 
area of active research. 

3. Polytope Volumes and Counting Pieces of Semi- Algebraic Sets 

Continuing our theme of measuring algebraic-geometric complexity in combi- 
natorial terms, we will see how to bound the number of connected components of 
a semi-algebraic set in terms of polytope volumes. However, let us first see an un- 
usual example of how input encoding influences computational complexity, as well 
as geometric complexity, over the real numbers. 

Recall that a straight-line program (SLP) presents a polynomial as a se- 
quence of subtractions and multiplications, starting from a small set of constants 



and variables [BCS97, BCSS98]. (Usually, the only constant given a priori is 
1.) The SLP size of a polynomial / € Z[xi, . . . , x n ] is then just the minimum of 
the total number of operations needed by any SLP evaluating to /. Thus, while 

(x + 2 2 ) 1000 — 2 2 has a large sparse size, its SLP size is easily seen to be quite 
small, via standard recursive tricks such as repeated squaring. SLP's are thus a 
more powerful encoding than the sparse encoding, since the SLP size of a polyno- 
mial is trivially bounded from above by a linear function of its sparse size. 
Consider the following corollary of theorem |l|. 

Corollary 1. If one can decide whether an arbitrary /gZ[a;i] has a real root, 
within a number of bit operations polynomial in the SLP size of f , then P = NP. 



Thus the hardness of feasibility testing we've observed earlier over C persists over 
M., albeit relative to a smaller complexity measure. Peter Biirgisscr observed the 
following simple proof of this corollary in 1998: Assuming the hypothesis above, 
consider the polynomial system G .— (f(w), w(z + i) — iz). Then / has a real root 
G has a root (w, z) with w on the unit circle, and our assumption thus implies 
the existence of a polynomial-time algorithm (relative now to the SLP encoding) 
for detecting whether certain systems of two polynomials in two variables have a 
root (w, z) with w on the unit circle. This in turn implies an algorithm, requiring 
a number of bit operations just polynomial in the sparse size of /, for deciding if 
a univariate polynomial / has a root on the unit circle. This is not quite the same 
problem as the special case of HN from theorem [j], but it is nevertheless known 
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to be NP-hard as well [Pla84|. So we finally obtain P = NP from our initial 
assumption and our corollary is thus proved. 

Another complication with detecting the existence of real roots too quickly 
is that the number of real roots, even for a single univariate polynomial, can be 
exponential in the SLP size. (This fact is not implied by our earlier example 
of xf — 1.) To see why, simply consider the recursion gj+\ := 4^(1 — gj) with 
gi :—Ax(l — x). It is then easily checked^] that gj(x) — x has 2 3 roots in the open 
interval (0, 1), but an SLP size of just O(j). 

It is an open question whether corollary |l| holds relative to sparse size. More 
to the point, the influence of sparse size on the number of real roots of polynomial 
systems remains a deep open question. For instance, the classical Descartes rule 
of signs states that any univariate polynomial with real coefficients and k monomial 
terms has at most 2k+l real roots. However, the best known bounds on the number 
of isolated real roots for 2 polynomials in 2 unknowns are already exponential in 
the number of monomial terms, even if one restricts to roots with all coordinates 



positive (cf. section 3.1) 



However, one can at least give bounds which are linear in a suitable polytope 
volume, which apply even in the the more general context of polynomial inequalities. 



theorem 10. }Roj00b| Let /i, . . . , f p+s € R[xi, . . . , x n ] and suppose S C M" 
is the solution set of the following collection of polynomial inequalities: 

fi(x) = 0, i£{l,... ,p} 

f P +i(x) > 0, ,s} 

Let Qp Cffi™ be the convex hull of the union of {O, e\, . . . , e„} and the set of all a 
with monomial term of some fi. Then S has at most 

min{n+ l,^^-}2"s n W (for s>0) or 2"~ 1 V> (for s = 0) 
s — 1 

connected components, where Vf '■— Vo1„((5f)- B 

In closing this brief excursion into semi-algebraic geometry, we point out that 
unlike the complex case, it is not yet known whether Vf is an upper bound on 
the number of real connected components. This is because a complex component 
may contribute two or more real connected components. Nevertheless, it is quite 
possible that the factors exponential in n in our bounds may be removed from our 
bounds in the near future. 

3.1. Related Results Over M.. We first recall the following important result 
relating sparse size and real roots for certain non-degenerate polynomial systems. 
(Recall also that the positive orthant of M." is the subset {(xi, ■ ■ ■ ,x n ) \ xi > 
for all i}.) 

Khovanski's Theorem on Real Fewnomials. (Special Case )F1 |Kho9l| 



Sec. 3.12, Cor. 6] Following the notation of theorem [7^, suppose p — n, s — 0, and 
the Jacobian matrix of F is invertible at any complex root of F. Also let k' be the 
number of exponent vectors which appear in at least one of /i , . . . , /„ . Then F has 
at most (n + l) k 2 k ( k ~ : )/ 2 real roots in the positive orthant. ■ 

22 This example is well-known in dynamical systems, and the author thanks Gregorio Mala- 
jovich for pointing it out. 

23 Khovanski's Theorem on Fe wnomials actually holds for a more general class of functions 



the so-called Pfaffian functions 



|Kho91 | 
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For example, Khovanski's bound readily implies that our 3x3 example from section 



1.1 



has at most 8 • 4 9 • 2 36 = 144115188075855872 real roots — quite a bit more 
than 972 (the estimate from theorem |l^ above) or 11 (the true number of real 
roots). Nevertheless, we emphasize that his theorem was a major advance, giving 
the first bound on the number of real roots independent of the degree of the input 
polynomials. 

As for other more general results, Khovanski also gave bounds on the Betti 
numbers^] of non-degenerate real algebraic varieties [Kho91, Sec. 3.14, Cor. 5]. 
Similarly, these results (which thus require p<n and s = 0) become more practical 
as the polynomial degrees grows and the number of monomial terms remains small. 

Closer to our approach, Benedetti, Loeser, and Risler independently derived a 
polytopal upper bound on the number connected components of a real algebraic 



variety in [BLR91, Prop. 3.6]. Their result, while applying only in the case where 
p<n and s = 0, can give a better bound when the number of equations p is a small 
constant and n is large. We also point out that their result has a more complicated 
statement than ours, involving a recursion in terms of mixed volumes of projections 
of polytopes. 

The only other known bounds on the number of connected components appear 
to be linear in D n . For example, a bound derived by Ol einik, Petrovsky, Milnor, 
and Thorn before the mid-1960's |OP49| , |Mil64| , [Tho65| gives D(2D - l)"" 1 for 
s = and (sD + l)(2sD + 1 )" for s > 0. An improvement, also polynomial in D n , 
was given recently by Basu [ Bas96| : (p + s) n O{D) n , where the implied constant is 
not stated explicitly. For s>0 our bound is no worse than min{n + 1, jzj}(2sD) n 
- better than both preceding bounds and frequently much better. For s = our 
bound is no worse than 2 n ~ 1 D n — negligibly worse than the oldest bound, but 
asymptotically better than Basu's bound. 

For the sake of brevity, we have mainly focused on one combinatorial aspect 
of semi- algebraic sets. So let us at least mention a few additional complexity- 
theoretic references: Foundational results on the complexity of solving (or counting 
the roots of) polynomial systems over R can be found in [ Roy96| ], and faster 



recent algorithms can be found in |Roj98, MP98]. More generally, there are algo- 
rithms known for quantifier elimination over any real closed field [Ren92, Can93, 



BPR96 



Curiously, the best current complexity bounds for the problems over R just 
mentioned are essentially the same as those for the corresponding problems over C. 
Notable recent exceptions include [BGHM97| and |RY0C ] where the complexity 
bounds depending mainly on quantities relating only to the underlying real geom- 
etry. (The first paper deals with finding a point in every connected component 
of a semi- algebraic set, while the second paper deals with approximating the real 
roots of a tr i nomial w ithin time quad ratic in \ogD.) Also, with the exception of 
BGHM97j |Roj98| , |MP98| , |RY00| , all the preceding references present com- 



plexity bounds depending on n and D n , with no mention of sharper quantities like 
V F . 



24 These are more subtle cohomolo gical inv ariants which include the number of connected 
components as a special case (see, e.g., [Mun84 for further details). 
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An interesting question which remains is whether feasibility over M. can be 
decided within the polynomial hierarchy (a collection of complexity classes sus- 



pected to lie below PSPACE |Pap95|), with or without GRH. As we will see now, 



this can be done over Q (at least in a restricted sense) as well as C. 

4. The Generalized Riemann Hypothesis and Detecting Rational Points 

Here we will return to considering computational complexity estimates: We 
show that deciding feasibility over Q, for most polynomial systems, lies within the 
polynomial hierarchy, assuming GRH. To fix ideas, let us begin with the case of a 
single univariate polynomial. 



Theorem 11. |Len98| Suppose f £ Z[xi] and ±| £ Q is a root of f, with 



p, q £ N and gcd(p, q) = 1. Then logp, logq, and the number of rational roots are 
all polynomial in size(/) (the sparse size of f). Furthermore, all rational roots of 
f can be computed within 0(size(/) 10 ) bit operations]^ ■ 

Note that the complexity bound above does not follow directly from the famous 



polynomial-time factoring algorithm of Lenstra, Lenstra, and Lovasz [ LLL82 
their result has complexity polynomial in the degree of /, as well as size(/). Also, 
Lenstra actually derived a more general version of the theorem above which ap- 
plies to finding all bounded degree factors of a univariate polynomial over any fixed 
algebraic number field [ Len98| . Interestingly, the analogue of theorem |l] for the 

and corollary |], has considerable 
of section H for the full statement). 



2m I] 
life 



SLP size is an open problem and, like theorem 
impact within complexity theory (see theorem |_ 

Curiously, there is currently no known analogue of theorem [ll] for systems of 
multivariate polynomials. The main reason is that the most naive generalizations 
easily lead to various obstructions and even some unsolved problems in number 
theory. For example, as of mid-2000, it is still unknown whether deciding the 
existence of a rational root for y 2 — ax 3 + bx + c is even Turing-decidable. Thus, the 
first obvious restriction to make, following the notation of the last two sections, is 
to consider only those F where Zp is finite. But even then there are complications: 

Qi The number of integral roots of F can actually be exponential in the sparse 
size of F: A simple example is the system dliLi^i — 0> ■ ■ ■ ill£=i( a; n — 
which has D n integral roots and a sparse size of (D(nD log-D). ■ 

Q2 For n > 1, the integral roots of F can have coordinates with bit-length 
exponential in size(-F'), thus ruling out one possible source NP certificates: 
For example, the system (x\ — 2, X2 — x\, . . . , x n — has sparse size 

0(n) but has (1, 2, . . . , 2 2 "~ 2 ) as a root. ■ 

So it appears that restricting to deciding the existence of rational roots, instead 
of finding them, may be necessary for sub-exponential complexity. Nevertheless, 
these difficulties may disappear when n is fixed: even the case n = 2 is open. 

As for simple complexity upper bounds, the efficient deterministic algorithms 
of section || can easily be converted to PSPACE algorithms for finding all rational 
points within the zero-dimensional part of an algebraic set. However, we will use 
a different approach to place this problem within an even lower complexity class: 
testing the densities of primes with certain properties. 



25 The exponent was not stated explicitly in [Len98 but, via |LLL82 , can easily be derived 
from the description of the algorithm given there. 
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First note that averaging over many primes (as opposed to employing a single 
sufficiently large prime) is essentially unavoidable if one wants to use mod p root 
counts to decide the existence of rational roots. For example, from basic quadratic 



residue theory [HW79], we know that the number of roots x\ + 1 mod p is not 
constant for sufficiently large prime p. Similarly, Galois-theoretic considerations 
are also necessary before using mod p root counts to decide feasibility over Q. 

Example 3. Take m = n = 1 and F = h= (x\ -2){x\ -7) (a;? - 14). C learly, F 



has no rational roots. However, it is easily checked via the Jacobi symbol | HW7S , 



BS96 that F has a root mod p for all primes p. In particular, note that the Galois 
group here is not transitive: there is no automorphism of Q which fixes Q and 
sends, say, \[2 to \fl . 

So let us now state a precursor to our method for detecting rational roots: 
Recall that itix) denotes the number of primes <x. Let irp(x) be the variation on 
7r(x) where we instead count the number of primes p < x such that the reduction 
of F mod p has a root in Z/pZ, and let # denote set cardinality. 



theorem 12. (See [RojOOc. Thm. 2].) Following the notation of sections^ 



and [5| assume now that the coefficients of F are integers. Let K be the field 
Q(xi | (x\, . . . ,x n ) € Zp , i £ {1, . . . ,n}). Then the truth of GRH implies the 
two statements for all x > 33766: 

1. Suppose oo>#Zf>2 and Gal(if/(Q)) acts transitively on Zf- Then 



n F (x) ( A l\ {V F \ + l)\ogx + V F \V F 0{V F + a(h F ))\ogx 



2. Suppose #Z F >1. Then independent of Gal(K/Q), we have 

ir(x) Vf 

where < b(F, x) < Wf ^ 2 -+ v2 F o(v F+a (i^)+nV F a(h F )/^) logx ^ < ct(/if) = 

O (M F [o-(F) + m(n log D + log m)] + n 2 V F log D) . Better still, we have o~(hp) = 
O(M F 0-(F) + n 2 V F log D) when m<n. ■ 

The upper bound from assertion (1) appears to be new, and the lower bound from 



assertion (2) significantly improves earlier bounds appearing in [Koi96, Mor97, 
BurOO| which were polynomial in D n . Explicit formulae for the above asymptotic 



estimates appear in ]RojOOc| , Remarks 9 and 10]. 



Theorem |12j thus presents the first main difference between feasibility testing 
over C and Q: from theorem [|, we know that the mod p reduction of F has a root 
in Z/pZ for a density of primes p which is either positive or zero, according as F has 
a root in C or not. The corresponding gap between densities happened to be large 
enough for Koiran's randomized oracle algorithm to decide feasibility over C (cf. 
section^). (We point out that Koiran's algorithm actually relies on the behavior 
of the function Np defined below, which is more amenable than that of ttf ) On 
the other hand, assertion (1) of theorem [l^ tells us that the mod p reduction of F 
has a root in Z/pZ for a density of primes which is either 1 or 1 — y^, according as 
F has, or strongly fails to have, a rational root. 
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Unfortunately, the convergence of to its limit is unfortunately too slow to 

permit any obvious algorithm using subexponential work. However, via a Galois- 
theoretic trick (cf. theorem |lj below) we can nevertheless place rational root de- 
tection in a lower complexity class than previously known. 



THEOREM 13. [RojOOc] Following the notation and assumptions of theorem 
[7^ , assume further that F fails to have a rational root [Zp = or Gal(if/Q) 
acts transitively on Zp] . Then the truth of GRH implies that deciding whether F 
has a rational root can be done in polynomial-time, given access to an oracle in 
NP NP , i.e., within the complexity class P NP . Also, we can check the emptiness 
and finiteness of Zp unconditionally (resp. assuming GRH) within PSPACE (resp. 
AMJ. ■ 

The new oracle can be summarized as follows: Given any F and a finite subset 
ScN, our oracle instantaneously tells us whether or not there is a prime pGS such 
that the mod p reduction of F has no roots in Z/pZ. 

Part of the importance of oracle-based algorithms, such as the one above or the 
algorithm from section ||, is that it could happen that P ^ NP but the higher com- 
plexity classes we have been alluding to all collapse to the same level. For example, 
while it is known that NPUBPP C AM C p NpNP c NP NpNP C ■ • • C PSPACE, 



the properness of each inclusion is still unknown [Zac86, BM88, BF91, Pap95|. 

The algorithm for theorem [l3] is almost as simple as the algorithm for theorem 
^ given earlier, and can be outlined as follows: 

Step Let Np(x) denote the weighted version of irp(x) where we instead sum the 
total number of roots in Z/pZ of the mod p reductions of F over all primes 
p<x. 

Step 1 Let ig be an integer just large enough so that £q > 33766 and b(F, ig) < j^. 

Step 2 Estimate, via a constant-factor approximate counting algorithm of Stock- 
meyer [3to85| 26 , both Nf^q) and 7rp(ig) within a factor of |, using poly- 
nomially many calls to our NP NP oracle. Call these approximations N and 
7f respectively. 

Step 3 IfiV<(|) 2 7f, declare Z F nQ n empty. Otherwise, declare Z F nQ n nonempty. ■ 

That our algorithm runs in polynomial time follows easily from our quantitative es- 
timates from th eorem |l2| and an analogous estimate for Np(x) (which also depends 



on GRH) from [ RojOOc . The same holds for the correctness of our algorithm. 

Let us now close with some remarks on the strength of our last two theorems: 
First note that our restrictions on the input F are actually rather gentle. In par- 
ticular, if one assumes m> n and fixes the monomial term structure of F, then 



it follows easily from the theory of resultants [ GKZ94 , Stu98, Roj99c | that, for 
a generic choice of the coefficients, F will have only finitely many roots in C n . 
(See section^ for our definition of generic.) Furthermore, it is quite frequently the 
case that our hypothesis involving Zp and Gal(K/Q) holds when F fails to have a 
rational root. 



Theorem 14. [RojOOc, Thm. 4] Following the notation above, fix the mono- 
mial term structure of F and assume further that m>n and the coefficients of F 



26 Stockmeyer's algorithm actually applies to any function from the complexity class #P, 
and it is easily verified that Np and np lie within this class. 
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are integers of absolute value < c. Then the fraction of such F with Gal(if /Q) act- 
ing transitively on Zp is at least 1 — 0(-^£). Furthermore, we can check whether 
Gal(K/Q) acts transitively on Z F within EXPTIME or, if one assumes GRH, 
within P NP . ■ 

Thus, if the monomial term structure of F is such that f^Zp ^ 1 for a generic 
choice of the coefficients, it easily follows that at least a fraction of 1 — 0(^£-) of 
the F specified above also have no rational roots. The case where the monomial 
term structure of F is such that f^Zp = 1 for a generic choice of the coefficients is 
evidently quite rare, and will be addressed in future work. 

Remark 3. A stronger version of the m = n=l case of theorem (sans com- 
plexity bounds) was derived by Gallagher in [Gal73|. The m>n>l case follows 
from a combination of our framework here, the Lenstra-Lenstra-Lovasz (LLL) al- 
gorithm [ LLL82| ], and an effective version of Hilbert's Irreducibility Theorem from 



Coh81]. 



As we have seen, transferring conditional speed-ups from C to Q presents quite 
a few subtleties, and these are covered at length in | RojOOc ] . We also point out that 
there appears to be no obstruction to extending our algorithm above to detecting 
rational points over any fixed number field, within the same complexity bound. 
This will be pursued in future work. 

4.1. Related Results Over Q. We have mainly concentrated on the com- 
plexity of detecting rational points on certain zero-dimensional algebraic sets, which 
has been a somewhat overlooked topic. Indeed, while a PSPACE complexity 
bound for this problem could have been derived via, say, the techniques of [ CG84| 
no later than 1984, there appears to be no explicit statement of this fact. In any 
event, that a large portion of this problem can be done within the polynomial 
hierarchy appears to be new. 

On the other hand, for algebraic sets of positive dimension, even the decidability 
of feasibility over Q is open. That the study of rational points on higher-dimensional 
varieties has been, and continues to be, intensely studied by some of the best number 
theorists and algebraic geometers is a testament to the difficulty of this problem. 
Current work on finding rational points has thus focused on characterizing (in terms 
of the underlying complex geometry) when a variety has infinitely many rational 
points, and how and where density of rational points can appear. 

For example, it was unproved until the work of Faltings in 1983 [ Fal84 , Bom90| 
that algebraic curves of genusQ > 2 have only finitely many rational points. (This 
fact was originally conjectured by L. J. Mordell in 1922.) The seminal work of 
Lang and Vojta has since lead to even deeper connections between the distri- 
bution of rational points and the geometry of the underlying complex manifold 
|Voj87 , Lan97|. More recently, highly refined quantitative results (some depend- 
ing on conjectures of Lang) on the density of rational points on certain varieties 
have appeared (see, e.g., [ Man95| , Pac99, BT99| and the references therein). 

This is of course but a fragment of the wealth of current active research on 
rational points, and we have yet to speak of the complexity of finding integral 
points. 



27 We will use geomet ric fas opposed to arithmetic) genus throughout this paper. These 
definitions can be found in [Har77, Mir95 . 
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5. Effective Siegel Versus Detecting Integral Points on Surfaces 

The final results we present regard the computational complexity of certain 
problems involving integral points on varieties of dimension > 1. We will strike a 
path leading to a relation between height bounds for integral points on algebraic 
plane curves and certain Diophantine prefixes in < 4 variables, e.g., sentences of 
the form 

3ueN VxeN 3yeN f(u,x,y)=0. 

(The last sentence is an example of the prefix 3V3, and we will casually refer to 
various quantified sentences in this way.) We then conclude with some evidence for 
the undecidability of Hubert's Tenth Problem in three variables (theorem p0[ ). 

We first note that Diophantine complexity has quite a rich theory already in 
one variable. 



Theorem 15. |BCSS98| , Thm. 3, pg. 127] Let r(/) denote the SLP size of 
f G Z[i], starting from the sequence {l,t, ...}. Suppose there exists an absolute 
constant C2 > such that for all f, the number of integral roots of f is bounded 
above by (r(/) + l) c \ Then P c ^NP c |f] ■ 

In short, a deeper understanding of the SLP encoding (cf. section ||) over Z would 
have a tremendous impact in complexity theory. 

Via the sparse encoding, the study of integral roots for polynomials in two 
variables leads us to similar connections with important complexity classes. 



Theorem 16. [AM75] Deciding whether ax 2 + by = c has a root (x,y) GN 2 , 
for an arbitrary input (a, 6, c)gN 3 . is NP -complete relative to the sparse encoding, 
i.e., there is an algorithm for this problem with bit complexity polynomial in log(afec) 
iff P = NP. ■ 

Note that we hit the class NP rather quickly: quadratic polynomials (or genus 
zero curves )0 are enough. The case of higher degree polynomials is much less 
understood. To see this, let us denote the following problem by HTP(n): 

"Decide whether an arbitrary f £Z[xi, . . . 7 x n ] has a root in N" or not."p| 
(So our last theorem can be rephrased as the NP-hardness of HTP(2) for quadratic 
polynomials.) It is then rather surprising that as of mid-2000, the decidability of 
HTP(2) is still open, even for general polynomials of degree 4 (or general curves of 
genus 2). 



Alan Baker has conjectured |Jon81, Section 5] that the analogue HTP(2) for 
Z 2 is decidable. More concretely, the decidability of HTP(2) is known in certain 
special cases, and these form a significant part of the applications of Diophantine 
approximation and arithmetic geometry To describe the known cases, it is conve- 
nient to introduce the following functions. 

Definition 1. Following the notation of sections^ and^, define the function 
Big N : 1[x\,X2\ — > NU{0,oo} by letting Big N (/) be the supremum o/max{|ri|, |r2|} 
as (ri,r2) ranges over {(0, 0)}U(Z/nN 2 ). The function Big z (/) is defined similarly , 
simply letting (n, r2) range over {(0, 0)} U (Zf n Z 2 ) instead. ■ 

2s i.e., the analogue of the P^NP conjecture for the BSS model over C would be settled. 

29 It will be convenient to describe bivariate polynomials in terms of their underlying complex 
geometry, and we will do so freely in this section. 

30 Hilbcrt's Tenth Problem in n variables is actually the simplification of HTP(n) where we 
seek roots in Z n . However, for technical reasons, it is more convenient to deal with HTP(n). 
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Parallel to HTP(n) and its analogue over Z", the computability of Big N im- 
plies the computability of Big z . (Simply consider the substitution f(x,y) i— > 
f(—x,—y)f(—x,y)f(x,—y)f(x,y).) The other direction is actually not trivial: 
there is nothing stopping a curve from having infinitely many integral points out- 
side of the first quadrant, thus obstructing any useful bound for Big z from being 
a useful bound for Big N . 

The computability of Big N would of course imply the decidability of HTP(2). 
However, as of mid-2000, even the computability of Big z is, with a few exceptions, 
known only for those / where Z f falls into one of the following cases: certain genus 



zero curves [Pou93], all genus one curves [BC70|, certain genus two curves |Gra94, 
Poo96|, Thuc curves [Bak68|, and curves in super-elliptic form [Bak69, Bri84[ 



(These also happen to be the only cases for which the decidability of HTP(2) is 
known.) For example, it is known that for any polynomial equation of the form 



y = ao + a\x + C12X + CL3X 

where do, d\, <Z2, 03 €Z and do -I- a\x -\-a2X 2 
all integral solutions must satisfy 



03a; 3 has three distinct complex roots, 



|x|,|y|<exp((10 b C ) lu ) 



where c is any upper bound on |oq|, | ai|, [agl , 1 03] fBak75[ . (More recent improve- 



ments of this bound can be found in |Sch92 j.) 

Remark 4. An interesting related conjecture of Steve Smale [Sma98| is that 



if a plane curve of positive genus has an integral point, then it must have an integral 
point of height singly exponential in the dense size of the defining polynomial. ( See 
below for the definition of dense size.) I 

Of course, one may still worry whether Big z can be computable without Big N 
being computable. We can resolve this as follows: 

Theorem 17. The function Big N is computable Big z is computable. 

The proof follows easily from theorem ^2] of the next section, which describes the 
distribution of integral points within the real part of a complex curve. In spite 
of theorem [Tt], it is still unknown whether replacing Z 2 by N 2 makes a significant 
difference in the complexity of HTP (2) . However, via theorem ^l] of the next section, 
we can prove that a variant of HTP (2) is closely related to detecting infinitudes of 
integral points on plane curves. 

Theorem 18. Let RatCurve(3) denote the problem of deciding whether a (ge- 
ometrically irreducible, possibly singular) genus zero curve in C 3 defined over Z 
contains a point in N 3 . Also let HTP°°(2) denote the problem of deciding whether 
an arbitrary f £ Z[xi, X2] has infinitely many roots in N 2 . Then RatCurve(3) de- 
cidable HTP°°(2) decidable. 

We note that the input for RatCurve(3) is given as usual: a set of polynomi- 
als in Z[xi, X2, X3] defining the curve in question. Curiously, the decidability of 
RatCurve(3), HTP°°(2), and their analogues over Z are all unknown, in spite of 
Siegel's Theorem. (Siegel's Theorem |gie29 | is a famous result from 1934 partially 
classifying those curves with infinitely many integral points.) A refined version of 
Siegel's Theorem appears as theorem ^l] of the next section. 

The preceding results can all be considered as variations on the study of the 
Diophantine prefixes 3 and 33. So to prove more decisive results it is natural 
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to study subtler combinations of quantifiers. In particular, we will show that the 
prefix 3V3 can be solved (almost always) within the polynomial hierarchy. To make 
this more precise, let us make two quantitative definitions: When we say that a 
statement involving a set of parameters {c±, . . . , cn} is true genericallyp], we will 
mean that for any M E N, the statement fails for at most 0(N(2M + l)^ 1 ) of 
the (ci, . . . , cn) lying in {— M, . . . , M} N . Also, for an algorithm with a polynomial 
f EZ[v, x, y] as input, speaking of the dense encoding will simply mean measuring 
the input size as D + o~(f), where D (resp. cr(/)) is the total degree (resp. maximum 
bit-length of a coefficient) of /. 



Theorem 19. | RojOOc| Fix the Newton polytope Q of a polynomial f EZ\v,x,y] 



and suppose that Q has at least one integral point in its interior^] Assume further 
that we measure input size via the dense encoding. Then, for a generic choice of 
coefficients depending only on Q, we can decide whether 3v Vx By f(v, x, y) = 
( with all three quantifiers ranging over N or 1) within coNP . Furthermore, we can 
check whether an input f has generic coefficients within NC. ■ 

The hierarchy of complexity classes NC si mply co nsists of those problems in P 



which admit efficient parallel algorithms (see [ Pap95 1 for a full statement) . Roughly 
speaking, deciding the prefix 3V3 is equivalent to determining whether an algebraic 
surface has a slice (parallel to the (x, y)-plane) densely peppered with integral 
points, and we have thus shown that this problem is tractable for most inputs. 
Whether coNP-completeness persists relative to the sparse encoding remains an 
open question. 

It is interesting to note that the exceptional case to our algorithm for 3V3 
judiciously contains an extremely hard number-theoretic problem: the prefix 33 or, 
equivalently, HTP(2). (That 1\v,y\ lies in our exceptional locus is easily checked.) 



More to the point, James P. Jones has conjectured Jon81| that the decidabilities 
of the prefixes 3V3 and 33, quantified over N, are equivalent. Thus, while we have 
not settled Jones' conjecture, we have at least shown that the decidability of 3V3 
now hinges on a sub-problem much closer to 33. 

Call an algebraic surface ZcC 4 specially ruled iff it is a bundle of genus zero 
curves fibered over a genus zero curve in the (u, w)-plane (coordinatizating C 4 by 
(it, v, x, y)). The proof of theorem [l^ is primarily based on a geometric trick which 
easily extends to the prefix 33V3. In particular, we also have the following result. 

Theorem 20. At least one of the following two statements is false: 

1. The function Big N is Turing-computable. 

2. The Diophantine sentence 

BueN BveN VxeN ByEN f(u,v,x,y) = 

is decidable in the special case where the underlying 3-fold Zf contains a 
specially ruled surface. 

In particular, HTP(3) is a special case of the problem mentioned in statement (2). 



A slightly stronger version of theorem |20| appears in [RojOOa and, for t he conve- 



nience of the reader, we supply a more streamlined proof in section 6.2.3. We thus 



We can in fact assert a much stronger condition, but this one suffices for our present 
purposes. 

32 So, among other things, we are assuming Q is 3-dimensional. 
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now have (applying theorem |l7| ) a weak version of the following implication: Big z 
computable =>- HTP(3) undecidable. 

Since Matiyasevich and Robinson have shown that 33V3 is undecidable (when 
all quantifiers range over N) [MR74], our last theorem can also be interpreted as 
a restriction of this undecidability to a particular subset of the general problem. 
Whether this subproblem can be completely reduced to HTP(3) is therefore of the 
utmost interest. 

5.1. Related Work Over N and Z. We first point out that the decidability 
of 3V3 was an open problem and, in spite of theorem |l9|, remains open for arbitrary 
inputs. We also note that our algorithm for (most of) 3V3 is based on an important 
result of Tung for the prefix V3. 



Tung's Theorem. [Tun87 Deciding the quantifier prefix V3 (with all quan- 



tifiers ranging over N or 1) is coNP -complete relative to the dense encoding. M 

The decidability of V3 (over N and Z) was first derived by James P. Jones in 1981 
|Jon81 |. The algorithms for V3 alluded to in Tung's Theorem are based on some 
very elegant algebraic facts due to Jones, Schinzel, and Tung. We illustrate one 
such fact for the case of V3 over N. 

The JST Theorem. pon81], |Sch82 



Tun87 



Given any f GZ[x,y], we have 



that \/x By f(x, y) = iff all three of the following conditions hold: 



1. 



The polynomial f factors into the form fo(x, y) W i=1 {y— fi{x)) where fo(x, y) € 

y] has no zeroes in the ring Q[x], and for all i, fi € Q[x] and the leading 
coefficient of fi is positive. 

e {1, . . . , xo} 3y £ N such that f(x, y) — 0, where x = max{si, . . . , Sj}, 
and for all i, Si is the sum of the squares of the coefficients of fi. 
Let a be the least positive integer such that afi,... ,afj £ Z[x] and set 
gi := afi for all i. Then the union of the solutions of the following j 
congruences gi(x) = (mod a), . . . ,gj(x) = (mod a) is all of Z/ctZ. 



The analogue of the JST Theorem over Z is essentially the same, save for the a bsence 
of condition (2), and the removal of the sign check in condition (1) |Tun87||. 



The study of the decidability of Diophantinc prefixes dates back to [ Mat 73 , 



MR74 


, |Jon81 


], and | 


Mat93, Tun99, 


Roj99b 




RojOOc 



recent results. Of course, as we have seen above, there is still much left to be done, 
and we hope that this paper sparks the interests of other researchers. 

In particular, the precise complexity of checking whether an input /gZ[m, v, x, y] 
satisfies the hypothesis of statement (2) of theorem [2(] is unknown. (The decidabil- 
ity of this problem is at least known, and there are more restricted versions of (2) 
which can be checked within NC [RojOOa] ].) The author conjectures that this 
hypothesis can in fact be decided within NC, relative to the dense encoding. 

More to the point, it is curious that the complexity of deciding whether a given 
curve has infinitely many integral points is also open. The best result along these 
lines is the following refined version of Siegel's Theorem: 

Theorem 21. [SilOC] Following the notation of sections^ and^, suppose f £ 



1[x\ 1 X2\ is such that Zj is a geometrically irreducible curve, 
infinite <^=> all of the following three conditions are satisfied: 
(a) Zf has genus 0, 



Then Zf (1 Z 
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(b) ZfC\1i 2 contains at least one non-singular point, and 

(c) the highest degree part of f has either (i) exactly one root in Pj. (necessarily 
rational) or (ii) has exactly two distinct roots in and they are both real. 
■ 

Joseph H. Silverman has pointed out that this result may already be known to 
experts in algebraic curves. Another curious fact regarding Siegel's theorem is that 
it still has no proof which settles the computability of Big z . 

A useful result arising from Silverman's proof of theorem ^l] is the following 



solution to a conjecture of the author from [ RojOOa 



Theorem 22. [SilOO] Let W be any geometrically irreducible curve in C 2 de- 
fined over Z possessing infinitely many integral points. Let W' be any unbounded 
subset of W DM 2 . Then W' contains infinitely many integral points. I 

This result, combined with a little computational alg ebra ic geometry, provides the 
proof of theorem [Tt] and the details appear in section <x2 . 



As for more general relations between HTP(n) and its analogue over Z™, it is 
easy to see that the decidability of HTP(n) implies the decidability of its analogue 
over Z". Unfortunately, the converse is currently unknown. Via Lagrange's The- 
orem (that any positive integer can be written as a sum of four squares) one can 
easily show that the undecidability of HTP(n) implies the undecidability of the 
analogue of HTP(4n) over Z". More recently, Zhi-Wei Sun has shown that the An 



can be replaced by 2n + 2 [ Sun92 ] 



6. Proofs of Our Main Technical Results 

For the convenience of the reader, let us briefly distinguish what is new and/or 
recent: To the best of the author's knowledge, theorems ||, |[ M, ||, fj], [l7[ and 
|l8| , and corollary [l] have not appeared in print be fore. Also , although theorem [T^ 



was conjectured, along with a plan of attack, in [RojOOa], its full proof has not 
appeared before. F inally, while preliminary versions of theorems || and appeared 



earlier in [|Roj99c| . their corresponding height bounds are new. 



As for the remaining results, they have either already appeared, or are about 
to appear, in the references listed in their respective statements. 

Our proofs will thus focus on results over our "outlying" rings: C and Z. 

6.1. Proofs of Our Results Over C: Theorems §, |, @, and £|. 

While our proof of theorem ^ will not directly require knowledge of resultants, our 
proofs of theorems g, |5j ^, and [?| are based on the toric resultant .0 This operator 
allows us to reduce all the computational algebraic geometry we will encounter to 
matrix and univariate polynomial arithmetic, with almost no commutative algebra 
machinery. We supply a precis on the toric resultant in the following section. 

As mentioned earlier, we will reduce the description of Zp to univariate poly- 
nomial factorization. Another trick we will use is to reduce most of our questions 
to finding isolated roots of polynomial systems where the numbers of equations and 
variables is the same. 



33 O ther commonly used prefixes for this modern generalization of the classical resultant 
[ Van50| nclude: sparse, mixed, sparse mixed, A-, (Ai, . . . , Ah)-, and Newton. Resultants actu- 



ally date back to work Cayley and Sylvester in the 19— century, but the toric resultant incorporates 
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These geometric constructions are useful for the proof of theorem Q as well, but 
more in a theoretical sense than in an algorithmic sense. As we will see in section 
5.1. 6] , it is number theory which allows us to enter a lower complexity class, and 



univariate reduction is needed only for quantitative estimates. 

6.1.1. Background on Toric Resultants. 
Since we do not have the space to give a full introduction to resultants we refer the 
reader to [Emi94, GKZ94^ |Stu98| for further background. The necessary facts 



wc need arc all summarized below. In what follows, we let [j] :={1, . . . , j}. 

Recall that the support, Supp(/), of a polynomial f£C[xi, . . . , x n ] is simply 
the set of exponent vectors of the monomial terms appearing^ in /. The support 
of the polynomial system F = . . . , f m ) is simply the m-tuple Supp(F) := 
(Supp(/i), . . . ,Supp(/ m )). Let A= (Ai, ■ ■ ■ ,A m+ i) be any (m + l)-tuple of non- 
empty finite subsets of Z™ and set A:= (Ai, . . . , A m ). If we say that F has support 
contained in A then we simply mean that Supp(/i)C v A i for all i€ [m]. 

Definition 2. Following the preceding notation, suppose we can find line seg- 
ments [t>i, u>i], .. . , [f m +i, w m+ i] with {vi,Wi}CAi for all i and Vol m (L) > 0, where 
L is the convex hull of {O, w\ — v±, . . . , w m+ i — u m +i}- Then we can associate to 
A a unique (up to sign) irreducible polynomial Res_4 € Z[c; ia | iE [to + 1] , aGAi] 
with the following property: If we identify C := (ci jQ | i G [m + 1] , aGAf) with the 
vector of coefficients of a polynomial system F with support contained in A (and 
constant coefficients), then F has a root in (C*)' 1 =>■ Rcs_^(C)=0. Furthermore, 
for all i, the degree of Res_4 with respect to the coefficients of ft is no greater than 
V F . U 

We emphasize that the implicat ion abov e does no t go both ways: the correct 
converse involves toric varieties |GKZ94 , Roj99a , Roj99c . A consequence of 



the above definition is that the toric resultant applies mainly to systems of n + 1 
polynomials in n variables. However, via a trick from the next section, this will 
cause no significant difficulties when we consider m polynomials in n variables. 
That the toric resultant can actually be defined as above is covered in detail 



in [3tu94, GKZ94]. There is in fact an exact formula for the degree of Res 



with respect to the coefficients of /, involving mixed volumes [Stu94, GKZ94| 



Our simplified upper bound follow easily from the fact that mixed volume never 



decreases when the input polytopes are grown [BZ88 . 

Another operator much closer to our purposes is the toric perturbation of 

F. 

Definition 3. Following the notation of definition^, assume further that m = 
n, Supp(F)=„4, and Supp(-F*) QA. We then define 

Pert(f. ) / n+1 )(ii)6C[t»a | aeAi+i] 
to be the coefficient of the term of 

Res^(A - sfl,... , f n - sf*, y^UgXg) eC[s] [u a \aeA n +i] 



a£A„ 



of lowest degree in s . 



34 We of course fix an ordering on the coordinates of the exponents which is compatible with 
the usual ordering of Xi, ■ ■ ■ ,x n . 
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The constant term of the last resultant is a generalization of the classical Chow 



form of a zero-dimensional variety [Van50|. The consideration of the higher order 



coefficients is necessary when Zp is positive-dimensional. In particular, the geo- 
metric significance of Pert can be summarized as follows: For a suitable choice of 
F* , An-\-i, and {u a }, Pert satisfies all the properties of the polynomial hp from 
theorem || in the special case m = n. In essence, Pert is an algebraic deformation 
which allows us to replace the positive-dimensional part of Zp by a finite subset 
which is much easier to handle. 

To prove theorems and [?] we will thus need a good complexity estimate 
for computing Res and Pert. 

Lemma 1. Following the notation above, let TZp (resp. Vf) be the number of 
deterministic arithmetic operations needed to evaluate Res^ (resp. Pevt^p* ^ n+1 ^ ) at 
any point in C k+n+1 (resp. C 2k+n+1 ), where AC Supp(T) and A n +i -={0, ei_, .. . ,e„}. 
Also let rp be the total degree o/Res_4 as a polynomial in the coefficients of F Then 
r F < (n+l)V F , Up < (n + l)r F 0(M F - 376 ), and T F < (r F + l)n F + r F {\ + § logr F )- 
Furthermore, k<m(V F + n) and M F < e 1 / & ^=V F + rj" = i (Pi + 2) - IlLife + *)> 
where pi is the length of the projection of nQp onto the Xi-axis. (Note that 
e x /8 « 1.3315.; ■ 



Proof: The bound on 1Z F (resp. Vf) follows directly from [EC93 (resp. |Roj99c 



as well as a basic complexity result on the inverse discrete Fourier transform 



BP94 pg. 12]. 

The bound on k follows by noting that k < m£ F , where tp is the number of 
lattice points in the polytope Qp. By a classical lattice point count of Blichfeldt 



|Bli21 , we obtain ip < Vf + n and we are done. 



As for the bound on Mp, we will observe a bit later that Mp can be bounded 
above by the number of lattice points in the Minkowski sumj^] Q' F := nQp + 
ConvjO, e±, . . . , e„}. (This polytope is clearly contained in the polytope (n+ 1)Qf 
mentioned in theorem ||.) Noting that ^ n+ ^ < e 1 / 8 J^ l+l via Stirling's estimate 
|Rud76 , pg. 200], and that the length of the projection of Q' F onto the x^-axis is 



exactly pi + 1, our bound on Mp follows immediately from another simple lattice 
point count |GW93| , Formula 3.11]. ■ 

Remark 5. That Mp = 0(Vp) for fixed n is immediate from our last lemma. 
Note also that Q' F is contained in the standard n-simplex scaled by a factor nD + 1. 
Calling the latter polytope Qp, it is clear that the number of lattice points in Qp is 
yet another upper bound on Mp . The latter lattice point count in turn has a simple 
explicit formula in terms of the binomial coefficient, and this is how we derived the 



crude bound on Mp mentioned in section 2.1 



Admittedly, such complexity estimates seem rather mysterious without any 
knowledge of how Res and Pert are computed. So let us now give a brief summary: 
The key fact to observe is that, in the best circumstances, one can express Res as 
the determinant of a (square) sparse structured matrix M.^ — a toric resultant 
matrix — whose entries are either or polynomials in the coefficients of F . (In 
fact, the M.^ we use w ^ have every row equal to a permutation of the vector 
v = (Cj,0, ... ,0), where Ci is the vector of coefficients of fi and i (and the per- 
mutation) depends on the row.) These matrices have their origin in the study of 

35 The Minkowksi sum of any two subsets A, B C R n is simply the set {a + b \ a £ A , & £ B}. 
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certain spectral sequences | GKZ94| and there are now down-to-earth combinatorial 



algorithms for finding them [EC93, Emi94, EP99, EM99 



So the quantity Mp in our theorems is nothing more than the number of rows 
(or columns) of M.^. The bound on Mj? from our last theorem thus arises simply 



by applying the main algorithm from |EC93|, and observing that this particular 



construction of M.^ creates a matrix row for every lattice point in a translate of the 
polytope Conv(^4i + • • -+A n +i). In particular, it is also the case that the determin- 
istic arithmetic complexity of constructing M.^ is dominated by 0(Mp \ogn + n 2 ) 



RojOOd , so we can henceforth ignore this construction in our complexity bounds. 
Better still, the quantity Mp can be expected to admit even sharper upper bounds, 
once better algorithms for building toric resultant matrices are found. 

However, it is more frequently the case that Res is but a divisor of detVVl^, 



and further work must be done. Fortunately, in |EC93, Emi94], there are general 
randomized and deterministic algorithms for extracting Res. These algorithms work 
via subtle refinements of the classical technique of recovering the coefficients of a 
polynomial g of degree D by evaluating g at D + 1 points and then solving for the 
coefficients via a structured linear system. This accounts for the appearance of the 
famous linear algebra complexity exponent (w< 2.376), or simple functions thereof, 
in our complexity estimates. 

6.1.2. The Proof of Theorem II. 
Our algorithm can be stated briefly as follows: 

Step If fi is indentically for all i, declare that Zp has dimension n and stop. 

Otherwise, let i:=n — 1. 
Step 1 For each j £ [2k + 1], compute an (i + l)n-tuple of integers 

(ei(j),... ,£n0'),£(i,i)(j), ■ ■ ■ ,£(i, n )(j)) via lemma | and the polynomial 

system (||) below. 
Step 2 Via theorem [| check if the polynomial system 

ei(j)fi + ---+e 1 (j) m f m +e 1 (j) m+1 l 1 + ---+s 1 (jr +l k = 



(3) 



l U)fi + ---+Uj) m frn+e n (j) m+1 l 1 + --- + e n (j) m + l k = 



has a root for more than half of the j £ [2k + 1] , where 

k '-=£(t,l)Xl H 1" £(t,n)X n - 

Step 3 If so, declare that Zp has dimension i and stop. Otherwise, if i > 1, set 

i i — ► i — 1 and go to Step 1. 
Step 4 Via theorem and a univariate gcd computation, check if the system (||) 

has a root which is also a root of F. 
Step 5 If so, declare that Zp has dimension and stop. Otherwise, declare Zp 

empty and stop. 

Before analyzing the correctness of our algorithm, let us briefly clarify Steps 2 
and 4. First let Gfj\ denote the polynomial system (3). In Step 2, we apply 
theorem || to calculate the polynomial ho {j) ■ Since the Gq-) all have an equal num- 
ber of variables and equations (and none of the equations is of the form = 0), 
assertion (1) of theorem || tells us that a particular has a complex root iff 
hc u) has positive degree. So it suffices to compute hc,. } to check the feasibility 
of Guy As for Step 4, note that thanks to theorem [71 Gu\ has a root in com- 
mon with F iff gcd{h G , gi(/ii, . . . , h n ), ... , g„(hi, ... , h n )} has positive degree, 
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where hi,... ,h n are the polynomials corresponding to the application of theo- 
rem ^ to Gt j\ . The preceding gcd and composition of univariate polynomials can 
be computed within Q(nk(n log D)Vf lo g 2 Vf) arithmetic operations via standard 



univariate polynomial algorithms [BP94], and wc will soon see that this complexity 



is negligible compared to the work performed in the rest of our algorithm. 

Let us now check the correctness of our algorithm: Via lemma || and theorem 
[|, we see that Step 2 gives a "yes" answer iff the intersection of Zp with a generic 
codimension i flat is finite (and nonempty), where F is an n-tuple of generic linear 
combinations of the Thus Step 2 gives a "yes" answer iff dim Z F = i. Lemma 
^| below tells us that dim Zp = dim Z F if dim Zp > 1. Otherwise, Step 5 correctly 
decides whether Zp is empty whenever Zp is finite. Thus the algorithm is correct. 

As for the complexity of our algorithm, letting S (resp. 14, W) be the com- 
plexity of the corresponding application of lemma g (resp. theorems || and 0) , we 
immediately obtain a deterministic arithmetic complexity bound of 

(n - 2)5 (All Executions of Step 1) 
+ (n - 2) (2k + l)U (All Executions of Step 2) 

+U' + 0(n 2 kV F (log 2 V F )(\ogD)) (Step 4) 

The complexity of the "if" statements in Steps 3 and 5 is negligible.) Remark 
below tells us that S = Q( (k + n 2 ) l og (to + n)). Furthermore, in the proofs of 
theorems and || (cf. sections |6 . 1 . 5 and |6.1.3| ) later we will see that W = 0(nU) and 



U = OiypVp). Since k>m, our overall complexity bound becomes 0(nkU +nS)- 
0(nkVp"P F + n(k + n 2 ) log(m + n)) = O^kMp- 37 ^ + n(k + n 2 ) log(m + n)) = 
0(n 4 kM 2 - 376 V^ + nklog(m + n)). U 

Remark 6. Note that if we somehow know that dimZ^ > 1, then we do not 
need assertion (2) of theorem nor do we need to apply theorem^. We can thus 
pick any integral point (not equal to O) for up and skip one of the steps of the 
proof of theorem |^. This removes a factor of Vp from the first (usually dominant) 
summand of our complexity bound. M 

Lemma 2. Suppose G(w,v) is a formula of the form 

3x\ €<C ■ • • 3x n <E C (g\ (x, w, v) = 0) A • • • A (g s (x, w, v) = 0), 

where gi, ■ ■ ■ , g s G C[xi, . . . ,x n ,w\, . . . , Wk, v i, . . . ,v r ]. Then there is a sequence 
v(l), . . . , v(2k + 1) £ C such that for all ti)£C', the following statement holds: 
G(w,v(J)) is true for at least half of the j € [2k + 1] G(w,v) is true for a 

Zariski-open set of v S C r . Furthermore, this sequence can be computed within 
log a + (k + n + r) logD arithmetic operations, where a (resp. D) is the maximum 
bit-size of any coefficient (resp. maximum degree) of any gi. ■ 



The above lemma is actually just a special case of theorem 5.6 of |Koi97| 



Remark 7. For the proof of theorem [|, we have s :=n, (g±,... ,g s ) :— G(j\, 
r:=(i + l)n< (n- l)n, v(j) = (e 1 (j), . . . ,s n (j),e^(j), . . . ,£(i,„)(j)), and we take 
w to be the vector of coefficients of F . We thus obtain a = 1 and D = m+i+l<m+n. 



2,x 



J. MAURICE ROJAS 



6.1.3. The Proof of Theorem |^. 
Curiously, precise estimates on coefficient growth in toric resultants are absent 
from the literature. So we supply such an estimate below. In what follows, we use 
Ui in place of u ei . 

Theorem 23. Following the notation of lemma suppose the coefficients of 
F (resp. F* ) have absolute value bounded above by c (resp. c* ) for all i £ [n] and 
iti,... , u n £ C. Also let \\u\\ := \/ u\ + • • • + u\ and let n denote the maximal 
number of monomial terms in any fi. Then the coefficient of u l in Pert(f* i _4 ii+1 ) 
has absolute value bounded above by 

e ^^JJTl-A^-^u\\^(^(c + C *)) MF (^) , 

assuming that det Ai^^O under the substitution (F—sF* 1 uq+uiXi + - ■ ■+u n x n ) i— > 
F. (Note also that 1.66691 J 

Proof: Let cy denote the coefficient of UqS j in detVVl^, under the substitution 
(F — sF* , uq + uixi + ■ • • + u n x n ) i— > F. Our proof will consist of computing an 
upper bound on |cy|, so we can conclude simply by maximizing over j and then 
invoking a quantitative lemma on factoring. 

To do this, we first observe that one can always construct a toric resultant 
matrix with exactly np rows corresponding to f n +i (where S(Zp) <np <Vf), and 
the remaining rows corresponding to f\ 1 . . . , f n . (This follows from the algorithms 
we have already invoked in lemma [j].) Enumerating how appropriate collections 
rows and columns can contain i entries of uq (and j entries involving s), it is easily 

verified that c, is a sum of no more than | F ) ( F . | subdeterminants of M. a 

\% J \ j J 

of size no greater than Mp — i — j . The coefficient Cij also receives similar contri- 
butions from some larger subdeterminants since the rows of corresponding to 
/i, . . . , /„ involve terms of the form r/ + vs. 

Via lemma @ below, we can then derive an upper bound of 



V F \ (M f - i 



on \cij\. However, what we really need is an estimate on the coefficient Ci of Uq of 
Pert(^* _4 n+1 ), assuming the non-vanishing of det M.^- ^o estimate we simply 
apply lemma |] below (observing that Pert( F «^4 ri+1 ) is a divisor of an Mp x Mp 
determinant) to obtain an upper bound of 

^Mp-Tl ■ 2 M * {^fj max { ^ } M^WR* + -*)) Mf 

on \ci\. We can then finish via the elementary inequality [ F A J < e 2 Mf ~ 1 , 



J 



valid for all j (which in turn is a simple corollary of Stirling's formula) . B 

A simple result on the determinants of certain symbolic matrices, used above, 
is the following. 

Lemma 3. Suppose A and B are complex N x N matrices, where B has at 
most N' nonzero rows. Then the coefficient of s J in det(^4 + sB) has absolute value 
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no greater than v^( V + ^ , W here v (res P . W ) is any upper bound on the 

Hermitian norms of the rows of A (resp. B). ■ 

The lemma follows easily by reducing to the case J = 0, via the multilinearity of the 
determinant. The case j = is then nothing more than the classical Hadamard's 



lemma [Mig92] 



The lemma on factorization we quoted above is the following. 



Lemma 4. [Mig92| Suppose f G . . . ,xn] has total degree D and coeffi- 
cients of absolute value < c. Then g€ Z[xi, . . . ,xn] divides f =>- the coefficients 
of g have absolute value < ylT+l • 2 D c. ■ 

We are now ready to prove theorem |^: 
Proof of Theorem |5| 

By adjusting the number polynomials m we can immediately assume that no fi is 
indentically zero. Furthermore, if m = 0, we can clearly set h:=0. So we can also 
assume that m> 1. We now consider three obvious cases. 

(The Case m=n): The existence of an hp satisfying (0)-(5) will follow from 
setting hp(uQ) := PertrF*,A n+ i)(' u o) f° r Ai+i as m lemma |[ F* as in lemma || 
below, and picking several (tti, . . . , u n ) until a good one is found. Assertion (0) of 
theorem || thus follows trivially. That the conclusion of lemma ^| implies assertion 



(1) is a consequence of Roj99c , Def. 2.2 and Main Theorem 2.1]. 

To prove assertions (l)-(5) together we will then need to pick (ui,... , it n ) 
subject to a final technical condition. In particular, consider the following method: 

Pick e G [1 + (^2^j ] an< ^ Se ^ Ui '~ £l a ^ * e t n ] ' ^ ne wors t that can happen is that 
a root of hp is the image two distinct points in Zp under the map . . . , £ n ) i— > 
MiCi + • ■ ■ + «nCnj thus obstructing assertion (2). (Whether this happens can easily 
be checked within 0(Vf log Vf) arithmetic operations via a gcd calculation detailed 



in [Roj99c, Sec. 5.2], after first finding the coefficients of hp-) Otherwise, it easily 
follows from Main Theorems 2.1 and 2.4 of [Roj99c] (and theorem |^ above and 



theorem 23 below) that hp satisfies assertions (l)-(3) and (5). 



Since there are at most ( ^ I pairs of points (Ci ■> C2) ? picking (u±, . . . ,U n ) as 



2 

specified above will eventually give us a good (u\, . . . , u n ). The overall arithmetic 
complexity of our search for up and hp is, thanks to lemma |l|, 



( ( 2 ) + 1) " (VfVf + 0(Vf log Vf)). This proves assertion (4), and we are done. 



Remark 8. Note that we never actually had to compute Vf above: To pick a 
suitable u, we simply keep picking choices (in lexicographic order) with successively 
larger and larger coodinates until we find a suitable u. H 

(The Case m<n): Take f n +i = ■ ■ • = fm = fn- Then we are back in the case 
m = n and we are done. I 

(The Case m>n): Here we employ an old trick: We substitute generic linear 
combinations of /1, . . . , f m for /1, . . . , /„. In particular, set fa := fx + e.J 2 + 
■ ■ ■ + e" 1 ^ 1 f m for all i G [n]. It then follows from lemma ^ below that, for generic 
(ei, . . . ,e n ), Z F is the union of Zp and a (possibly empty) finite set of points. So 
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by the m = n case, and taking into account the larger value for c in our application 
of theorem E3L we are done. ■ 



Remark 9. Following the notation of theorem\2Q, we thus see that the asymp- 
totic bound of assertion (3) can be replaced by an explicit bound of 

log <J Z—y/M F + l- 2 V *4 M * | 



V F 



1 



(c+1) 



if m<n, or 

( p 13/6 



log j — ^MiTi ■ 2 y r 4 M - (yn ^ 

for m>n>l. ■ 



V F 



+ 1 ) ) Vv Mf (m(mV F + lr^c + 1) 



A. 



Lemma 5. Following the notation above let A* = {O, e±, . . . , e„} U Uj=i f or 
all i G [n] and k* := njfcAi, where # denotes set cardinality. Also let C* be the 
coefficient vector of F* . Then there is an F* such that (i) Supp(i 7 '*) C A* , (ii) 
C* = (1, . . . ,1), (Hi) F* has exactly Vf roots in (C*) n counting multiplicities, and 
(iv) det M^^O under the substitution (F — sF* , uq + u±x± + • • • + u n x n ) > F. M 



The above lemma is a paraphrase of [Roj99c, Definition 2.3 and Main Theorem 
2.3]. Furthermore, the deterministic arithmetic complexity of finding such an F* 
is dominated by 0(Mp logn + n 2 ) [RojOOd], and can thus be ignored in our main 
bounds. 

Lemma 6. Following the notation above, let S C C be any finite set of cardi- 
nality > tuVf + 1. Then there is an (e±,... ,e n ) €E S n such that every irreducible 
component of Zp is either an irreducible component of Zp or a point. M 

The proof is essentially the same as the first theorem of [ |GH93 , Sec. 3.4.1], save 
that we use part (0) of theorem | in place of Bezout's Theorem. 

6.1.4. The Proof of Theorem q. 

Since we only care about the size of Xi, we can simply pick uq = — 1, u - L = 1, all other 
Uj = 0, and apply the polynomial hp from theorem]^. (In particular, differing from 
the proof of theorem ^ we need not worry if our choice of (u\, . . . ,u n ) results in 
two distinct £g Zp giving the same value for + • ■ ■ + CnU n .) Thus, by following 
almost the same proof as assertion (3) of theorem 0, we can beat the height bound 
from theorem || by a summand of 0(ji 2 Vf log D). ■ 

Remark 10. Via theorem ^ ( and a classic root size estimate of Cauchy | Mig92 ), 
we easily see that the asymptotic bound for | log \ x^ can be replaced by explicit quan- 
tities slightly better than those stated in remark In particular, it is clear from 

our last proof that we can simply replace the terms of the form ^fn ^ 
in the formulae from remark ^ by V2. H 

6.1.5. The Proof of Theorem [J 



All portions, save assertion (8), follow immediately from [Roj99c, Main Theorem 
2.1]. To prove assertion (8), we will briefly review the computation of hi, ... , h n 
(which was already detailed at greater length in [Roj99c]). Our height bound will 
then follow from some elementary polynomial and linear algebra bounds. 
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In particular, recall the following algorithm for computing hi,.. . ,h n , given h 
as in theorem ||: 

Step 2 If n = l, set hi(8) :—9 and stop. Otherwise, for all i£ [n], let (t) be the 
square-free part of Pert^(f,i«i, . . . , itj_i, Ui — l,itj+i, . . . ,u n ). 

Step 3 Define q*(t) to be the square-free part of Pert^i, Ui, . . . , Uj_i, Uj+1, u;+i, ■ ■ • , 
for all i£[n]. 

Step 4 For all i£ [n] and j € {0, 1}, let r i} j{6) be the reduction of lZj(q~ (t),q*((a + 

1)6 - at)) modulo h{6). 
Step 5 For all i £ [n], define to be the reduction of —6 — ^7g] modulo /i(#). 

Then define Oj to be the least positive integer so that /ij(t) :=aj(7,-€Z[i]. 

Following the notation of the algorithm above, the polynomial 1i-o{f,g) + 
JZi(f,g)t is known as the first subresultant of / and g and can be computed 

as follows: Letting f(t) = oto + otit ^ \- a dl t dl and g{t)=flo + flit + • • • + f3d 2 t d2 > 

consider the following (di + d,2 — 2) x (di + di — 1) matrix 



0o 




Pd 2 
















A> 






















A) 




















/So 


























ao 




Oid-i 


















ao 




















ao 







with di — 1 "/? rows" and d^ — \ "a rows." Let M-J (resp. Mq) be the subma- 
trix obtained by deleting the last (resp. second to last) column. We then define 
Ki(f,g):=det(Ml) forie{0,l}. 

Continuing our proof of Theorem ^, we see that we need only bound the coeffi- 
cient growth of the intermediate steps of our preceding algorithm. Thanks to theo- 
rem ||^, this is straightforward: First note that a(q~) = \og((VF + 1) • 2 Vf ) + a(hp), 
where hp is the square- free part of hp. (This follows trivially from expressing 
the coefficients of a univariate polynomial f(t + 1) in terms of the coefficients of 
/(*).) Via lemma || we then see that a(hp) = log(v / ^ / F + 1 • 2 Vf ) + <r(hp), and thus 
(j{qr) = 0{a{h F )). Similarly, a{q* i ) = 0{a{hp)) as well. 

To bound the coefficient growth when we compute r^j note that the coefficient 

of U in qH20 - t) is exactly (-1)< E ?=* (j) (26)^, where a, is the coefficient of 
t J in q*(t). Thus, via Hadamard's lemma again, we see that 

\ri,j < (y/V P + 1 • e*^) V * * L/Vp + 1 • V f 2 Vf (26) Vf e*^)^ 

for all Since r^j is itself a polynomial in 6* of degree Vf(VV — 1), the last 
inequality then easily implies that a(rij) = 0(Vpa(hp)). 

To conclude, note that for any univariate polynomials f,g£ Z[t] with degree 
< D, cr(fg) = 0(a(f) + a(g) + logD). Via long division it also easily follows 
that the quotient q and remainder r of f / g satisfy ag, are Z[t] and a(aq), a(ar) = 
0(D(a(f) + a(g))), for some positive integer a with log a = (a (g)). 

So by assertion (3) of theorem || we obtain log(aj), a(hi) = 0(Vpa(hF )). ■ 
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Remark 11. An immediately consequence of our proof is that the asymptotic 
bound from assertion (8) can be replaced by the following explicit bound: 

V f {(Vf- 1) [log(V>(V> + l) 4 64^) +2a(h F )] + a(h F )} + a(h F ) +\ogV F . ■ 

6.1.6. The Proof of Theorem 0. 
Proof of Part (a): We first recall the following useful effective arithmetic Null- 
stellensatz of Krick, Pardo, and Sombra. 



Theorem 24. Suppose f\, .. . , f m £Z[xi, . . . ,x n ] and f\ — 
roots in C" . Then there exist polynomials gi, ■ ■ ■ , g m € . . . 
integer a such that g\f\ + ■ • • + g m fm = o- Furthermore, 

log a < 2(n + l fDV F [a(F) + log m + 2 2n+i D \og(D 



■ ' = f m — has no 

, x n ] and a positive 

-1)]. ■ 



The above theorem is a portion of corollary 3 from [KPSOO . 

The proof of part (a) is then almost trivial: By assumption, theorem tells 
us that the mod p reduction of F has a root in TLjpL =>• p divides a. Since the 
number of divisors of an integer a is no more than 1 + log a (since any prime power 
other than 2 is bounded below by e) , we arrive at our desired asymptotic bound on 
a F . ■ 

Remark 12. Following the notation of theorem^, we thus obtain the following 
explicit bound: 



a F <l + 2(n + l) 3 DV F [a(F) + log? 



)2n+4 



D\og(D + 1)]. 



Proof of Part (b): Recall the following version of the discriminant. 

Definition 4. Given any polynomial f(x\) =a$ + a\X\ + • • • + ayjxf 5 £ T\xi\ 
with all \cti\ bounded above by some integer c, define the discriminant off, A/, 

to be - — times the following (2D — 1) x (2D — 1) determinant: 



det 



ao 




OLD 
















ao 




OLD 


















ao 




an 
















ao 




Qd 


a 1 




Dan 
















Oil 




Dold 
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DaD 
















ai 




Da D 



where the first D — 1 ( resp. last D ) rows correspond to the coefficients of f ( resp. 
the derivative of f). ■ 



Our proof of part (b) begins with the following observation. 

Theorem 25. Following the notation of section 0, suppose f £ 1\x{\ 
square-free polynomial of degree D with exactly if factors over 
truth of GRH implies that 

\i f TT(t) - N f (t)\<2Vt(D\ogt + log |A/|) +Dlog|A/|, 

for all t>2. ■ 



is a 
Then the 
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A slightly less explicit version of the above theorem appeared in [Koi96, Thm. 
9], and the proof is almost the same as that of an earlier result of Adleman and 
Odlyzko for the case i/ = l [A083, Lemma 3]. (See also [Wei84].) The only new 
ingredient is an explicit version of the effective Chebotarev density theorem due 



to Oesterle [Oes79|. (Earlier versions of theorem |25| did not state the asymptotic 
constants explicitly.) 

The proof of part (b) is then essentially a chain of elementary analytic bounds 
which flows from applying theorem |25| to the polynomial h p from theorem ^. How- 
ever, a technicality which must be considered is that hp might not be square-free 
(i.e., A/ lF may vanish). This is easily taken care of by an application of the following 
immediate corollary of lemmata ^ and ^. 

COROLLARY 2. Following the notation above, let g be the square-free part of f 
and let D' be the degree of g. Then log |A g | <L>'(Dlog2 + log(L>' + 1) + logc). ■ 

Another technical lemma we will need regards the existence of primes inter- 
leaving a simple sequence. 



Lemma 7. The number of primes in the open interval (At 3 , A{t + l) 3 ) is at 
L At 2 

2 ' logt+logA- 



least Lyj ' io t+io A -l' "Provided A, t> e 5 w 148.413 



This lemma follows routinely (albeit a bit tediously) from theorem 8.8.4 of [ BS96 |. 
which states that for all t > 5, the t— prime lies in the open interval (tlogt, i(logi + 
loglogt)). 

The key to proving theorem ^| is then to find small constants to and A p such 
that Np(Ap(t + l) 3 - 1) - N F (A F t 3 )>l for al\t>t . 

Via theorems ^| and |?], and a consideration of the primes dividing the dj (the 
denominators in our rational univariate representation of Zp), it immediately fol- 
lows that \Np(t) — Nh F (t)\ < Vp 2™=i (l°g a « + 1)' f° r au t>0. We are now ready 
to derive an inequality whose truth will imply Np(A F (t + l) 3 — 1) — Np(Apt 3 ) > 1: 
By theorem |2f| lemma f?| the triangle inequality, and some elementary estimates 
on logt, t 3 , and their derivatives, it suffices to require that Apt 2 strictly exceed 
12(logAi? + logt) times the following quantity: 

2(1 + V2)V3A F t 3 {V F (\og(3A F t 3 ) + 1) + log |A 9 |] + V F (log |A 3 | + Vloga, + n) 



i=l 



for all t> max{^o,e 5 }, where g denotes the square- free part of hp . (Note that we 
also used the fact that i g > 1.) 

A routine but tedious estimation then shows that we can actually take to — 
1296 (i+^g3 + logl2 96) ps 4963040.506, and Ap as in the statement of part (b). 
Careful accounting of the estimates then easily yields the explicit upper bound for 
Ap we state below. ■ 

Remark 13. The constant 1296(±±M^ -flog 1296) arises from trying to find 
the least t for which t 2 >a log 4 t, where, roughly speaking, a ranges over the con- 
stants listed in the expressions for A F , B F ,C F ,D F below. 

A F < [1296^1 log 4 Bp + 36C| log 2 C F + 2D F log Dp~] , 

where 

B F :=72\/3(1 + V2)V F , C F :=24V3(1 + y/2) log \A g \ + 2, and 
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D F :=12V F (log|A s | +^ log ai + n) +13. 



6.2. Proofs of Our Results Over Z: Theorems £L7|, |18|, and |20. 

The proof of theorems [l?] and [l8| rely on a refined version of Siegel's theorem 
(theorem ^l] stated earlier in section ^ and an algorithmic result on factoring 
polynomials over C (lemma |8| below). The proof of theorem [2^ will mainly use 
the tools we developed fo r our resu lts over C from section ||, and is a streamlined 



version of the proof from | RojOOa 



6.2.1. The Proof of Theorem \l \ 
(=>): Simply apply whatever algorithm one has for Big N to the polynomial 
f(-x, -y)f{-x, y)f{x, -y)f(x, y) to obtain the value of Big z (/). ■ 
(<^=): First calculate b :— Big z (/). If b < oo then we can simply enumerate 
positive integral points until we at last know Big N (/). (This can of course be mind- 
bogglingly slow, but is nevertheless a Turing-machine algorithm which is guaranteed 
to terminate.) 

If 6 = oo then let us do the following: Replace / by its square-free part. (This 
can be done within NC via, say, lemma |^ below.) Then note that any irreducible 
component of Zf containing infinitely many integral points must be defined over 
Z. (Otherwise, the action of Gal(Q/Q) would imply that every integral point has 
multiplicity > 1 — a contradiction, since the number of singular points of a curve is 
always finite.) So we may also assume that Zf is geometrically irreducible. (Indeed, 
we can find all the irreducible components of Zf within NC via lemma ||.) 

Theorem |22| then tells us that Big N (/) = oo Zf has unbounded intersection 
with the the (open) first quadrant. To decide the latter question, one first finds 
the largest real critical value of the projection (x, y) <— > x + y, restricted to the 
intersection of Zf with the first quadrant. (Since we are restricting to the first 
quadrant, one must also consider the image of the intersection of Zf with the coor- 
dinate axes under this projection as well.) This reduces to finding the £2) which 
maximizes Ci + C27 where (C11C2) is either a positive real roots of the polynomial 
system (/, |^ + §^), or a point in Zf n {xy = 0}. Thanks to theorems || and [7], and 



a fast root approximation algorithm from [NR96|, this can be done within NC. 

To conclude, if there is no critical value, we simply check (via the techniques just 
mentioned) if the polynomial system (f,x + y—l) has a positive real root. It is then 
easily checked that this system has a root iff Zf has unbounded intersection with 
the first quadrant. Otherwise, one performs the same check with the polynomial 
system (/, x + y — £1 — (2 — 1) instead. So we are done. ■ 

6.2.2. The Proof of Theorem |7|. 
First note that as in our last proof, we can use lemma || to reduce (within NC, 
relative to the dense encoding) to the case where Zf is geometrically irreducible 



Our algorithm then proceeds as follows: Compute the genus of Z f . (By |KS97| , 



this can actually be done within NC as well.) If the genus is positive then theo- 
rem ^l] tells us that there are only finitely many integral points and we are done. 
Similarly, via [ NR96| , condition (c) of theorem [|l] can be checked within NC. 



So we may now assume that Zf satisfies condition (c) and has genus zero. Find 
all positive integral singular points of Zf. (By theorems |l ^, and O, this can 
also be done within NC.) Call these points {(cti, (3i), . . . , («», (3n)}- Then form 
the polynomial g(x, y, t) := (x — a\) 2 + (y — fii) 2 +••• + (»— aw) 2 + (y — Pn) 2 — t. 
Clearly, Zf has a nonsingular integral point iff the curve C C 3 has a positive 
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integral point. Furthermore, since Zf has a rational parametrization, the curve 
Z(f, g ) admits one as well. Thus Z/f <g \ is irreducible and has genus zero too. 

So assuming RatCurve(3) is decidable, theorem ^l] tells us that we can decide 
whether Zf has infinitely many integral points. Converting this to the decidability 
of HTP°° (2) is a simple matter, thanks to theorem ^2] and an application of theorem 
^ already detailed in our last proof. ■ 



Lemma 8. [ BCGW92 | Suppose /gQ[xi, . . . ,x n ] and n is a constant. Then, 
relative to the dense encoding, we can find all factors of f over C[xi, . . . , x n ] within 
NC. Furthermore, every factor is given as a polynomial in Q[a][xi, . . . , x n ], where 
the minimal polynomial of a is also part of the output. ■ 

6.2.3. The Proof of Theorem |^. 
It suffices to show that the truth of both conditions implies the existence of an 
algorithm for 33V3 (with all quantifiers ranging over N), thus contradicting the 
aforementioned result of Matiyasevich and Robinson. 

So assuming the truth of (1) and (2), let us construct such an algorithm. First 
note the following fact. 

Lemma 9. Following the notation above, let 

£/ := {(uo, Vq) € C 2 | {(x,y)eC 2 | f(u o ,v o ,x,y) = 0} has a genus zero component}. 

Also let'E.f denote the set of (uq, vq) € N 2 such that Vx By f(uo, vq, x, y) — Q. Then 
(~l 1? , whether all quantifiers range over N or 7L. 

Proof of the Lemma: By theorem ^l], Vx By / (ito, vq, x,y) = ==>• Zf n {(u, v) — 
(uq, vq)} contains a curve of genus zero (whether the quantification is over NorZ). 
So we are done. ■ 

Continuing the proof of theorem consider the following algorithm for 33V3: 
First decide whether Zf contains a specially ruled surface. (That this is Turing- 



decidable was already observed in [RojOOa .) If so, simply apply any algorithm for 



statement (2) to decide the prefix 33V3. 

Otherwise, S/ is the (possibly empty) union of a finite point set and a collection 



of curves of positive genus. Via algorithms already observed in [RojOOaj, the 
defining polynomials for all these points and curves are Turing-computable. So via 
theorem [j], and statement (1), the worst we need do is enumerate integral points 
on several curves of positive genus. So although our algorithm may be very slow, 
we have succeeded in deriving a contradiction, and we are done. H 

Remark 14. The usual definition of genericity in computational algebra is 
stronger than the one we gave earlier: A statement involving a set of parameters 
{ci, . . . , cat} holds generically iff the statement is true for all (c\, . . . , c/v) 6 
outside of some a priori fixed algebraic hypersurface. That this version of gener- 
icity implies the simplified version mentioned earlier in our theorems is immediate 



from Schwartz' Lemma [Sch80|. Any statement claimed to be true generically in 



this paper still holds under this stronger notion. M 
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Appendix: How the Examples Were Computed 

Here we reveal some further details on the computations underlying our ex- 
amples. All of the computations in this paper were performed on a Sun 4u Com- 
puteserver, named Kronecker, at MIT. The version of Maple used was Maple V 
Release 5. 

The univariate reduction, P(u), for our first 3x3 polynomial system is a nonzero 
constant multiple of the sparse resultant of f±, f%, fo, and u — xyz. The following 
Maple code is how the computation was performed: 

with(linalg) ; 



f : =144+2*x-3*y~2+x~7*y~8*z~9 ; 
g:=-51+5*x~2-27*z+x~9*y~7*z~8; 
h:=7-6*x+8*x~8*y~9*z~7-12*x~8*y~8*z~7; 
k:=u-x*y*z; 



rl : =f actor (resultant (f ,k,x) ) 
r2 : =f actor (resultant (g,k,x) ) 
r3 : =f actor (resultant (h,k,x) ) 



rrl :=op(4,rl) 
rr2:=op(4,r2) 
rr3:=op(3,r3) 



si : =f actor (resultant (rrl ,rr3,z) ) : 
s2 : =f actor (resultant (rr2 , rr3 , z) ) : 

ssl :=op(4,sl) : 
ss2:=op(3,s2) : 

t : =f actor (resultant (ssl , ss2 ,y) ) : 
univar :=op(3,t) ; 



We also note that our choice for P(u) was a bit sneaky: instead of finding 
a polynomial whose roots were linear projection of the roots of F, we found a 
polynomial whose roots were a monomial map of the roots of F. This additional 
flexibility is useful in practice, and it is also possible to improve our quantitative 
results along these lines. These improvements will be detailed in later work, and we 
also point out that other applications of such nonlinear projections have appeared 



in earlier work of the author [R,oj98 



As for the mixed volume calculation, we used a C implementation by Ioannis 
Emiris (publically available at 

tittp : //www. inria. f r/saga/logiciels/emiris/ sof t_geo .html). That the mixed 
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volume equals the number of roots in C 3 follows easily from the fact that all the 
polynomials have a nonzero constant term, and an exactness condition for Bern- 
shtein's Theorem (see, e.g., [Ber75] or [Roj99a, Main Theorem 2]). Verifying the 
latter condition amounts to checking whether a product of toric resultants vanishes 
and for the sake of brevity we omit this calculation. In any case, it is easily checked 
that M F < e 3 +s • ^§ + (3 • 9 + 2) 3 - (3 • 9 + l) 3 « 5202.327253 for our example, 
via lemma |l|. (In practice, the true value of Mp is typically much smaller than the 
upper bound from lemma |].) 

By a stroke of luck, the polynomial P is irreducible over Q, so we immediately 
obtain that F has exactly 145 distinct complex roots. Furthermore, we obtain 
that for any subfield K C C, every root of P in K is the image of a unique root of F 
in K 3 . So we also obtain that F has no rational roots. Via the realroot command 
of Maple (which employs Sturm sequences [Roy96]), we similarly obtain the 
number of real roots of F. 

As for the comparison with Grobner bases, we simply invoked the following 
Maple commands: 

=144+2*x-3*y~2+x~7*y~8*z~9 ; 
=-51+5*x~2-27*z+x~9*y~7*z~8; 
h:=7-6*x+8*x~8*y~9*z~7-12*x~8*y~8*z~7; 
k: =u-x*y*z ; 



with(Groebner) ; 
univpoly(u, [f ,g,h,k] ) ; 



The larger time bound given was actually the amount of time Maple spent 
calculating a univariate reduction via Grobner bases, until the author's remote 
connection to Kronecker was terminated. 
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